For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Microsoft’s open source tools were hacked to steal passwords of AI developers

Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.

New Apple feature automatically changes your compromised passwords

At WWDC 26, Apple announced an Apple Intelligence-powered feature that can automatically fix weak and compromised passwords.