New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Tech Times

Cloudflare Buys VoidZero: Vite’s 130M Weekly Users Get a New Vendor-Neutrality Pledge

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...
The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.
Memeburn

What Is Claude Fable 5? Anthropic Finally Releases Its Restricted Mythos AI to the Public

Claude Fable 5 is Anthropic's public version of its restricted Mythos AI model. Learn what Claude Fable can do, how it ...
Cryptopolitan on MSN

IronWorm malware plants rootkit in Arweave ecosystem npm libraries

A malware named IronWorm spread through 36 npm packages in the Arweave ecosystem, stealing developer credentials and self ...
Developer Tech

Anthropic says AI can turn software patches into exploits within hours

Anthropic’s AI turned Firefox and Windows software patches into exploits within hours, including one Windows proof-of-concept ...

Anthropic releases Mythos-class model for public use

The classifiers will trigger in less than five percent of usage sessions, Anthropic claimed, while conceding it has tuned the ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
TMCnet

Krisp Launches Voice Translation v3, Opens Enterprise-Grade Translation to Developers

Krisp, the leader in real-time voice AI technology, today announced Voice Translation v3, a major release for its enterprise voice translation solution, and the launch of the Voic ...