Open-source software used by over 23,000 organisations was compromised by attackers who accessed a maintainer account, injecting credential-stealing code. The corrupted package, part of tj-actions, was able to modify source code and potentially access secret variables. The breach exposed some organisations’ sensitive credentials in freely accessible logs, underlining the need for stringent security protocols in open-source environments.
Anthropic Pulls Fable 5 and Mythos 5: A Watershed for AI, Cybersecurity, and Export Control
On the evening of 12 June 2026, the US government did something no administration had done before. It reached into a frontier AI model that
