The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

I had ChatGPT build me a free PDF editor because I didn't trust it to change my files - it worked!

The smartest way to use AI may not be letting it touch your files, but asking it to write software that handles them safely - ...
How-To Geek on MSN

3 unheard-of Linux tools that fix everyday command-line annoyances

If you've used Linux, you've undoubtedly experienced these problems, so why not take a look?
MUO on MSN

I taught Claude 3D design, now it prints real-world parts

This is vibe coding for 3D printing.
JD Supra

Mobley v. Workday: The AI Vendor as AI Agent. Creating Potential New Liabilities

Welcome back to Defending the Algorithm™ - a LinkedIn newsletter from Pittsburgh law firm, Houston Harbaugh, PC, helping ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Nicholas Duvernay on ‘Not Suitable For Work’ and How ‘White Lotus’ Changed Things For Him

The 27-year-old actor digs into the new Hulu series and teases his role in the upcoming Lili Reinhart-fronted rom-com ‘The ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...