I've tested so many desktop AI tools, but Hermes with Ollama is my new favorite - here's why

Follow ZDNET: Add us as a preferred source on Google. Hermes is an AI desktop app with plenty of cool features. You can ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...
MSN on MSN

3 unheard-of Linux tools that fix everyday command-line annoyances

If you've used Linux, you've undoubtedly experienced these problems, so why not take a look?
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
InfoWorld

Microsoft makes Linux developers feel more at home in Windows with Coreutils release

As well as Coreutils, the Build 2026 developer conference also saw Microsoft announce WSL containers CLI and API to deploy ...
techtimes

Microsoft Intelligent Terminal Ships at Build 2026: AI Agent Fork Leaves Mainline Terminal Alone

Microsoft shipped Intelligent Terminal 0.1 at Build 2026 on June 2 — a separate, open-source application that puts an AI agent pane inside a forked version of Windows Terminal. The project, authored ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
Windows Latest

Microsoft’s new Surface RTX Spark Dev Box is like the cheese grater Mac Pro, and that’s why I love it

The Surface RTX Spark Dev Box brings back Microsoft's experimental design era with a wild unique chassis and 1 petaflop of ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI vendor questionnaires are missing.

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...