InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
The Hacker News

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...
Tech Times

Pluto.jl Reaches 1.0: Julia’s Reactive Notebook Now Production-Ready for Research

Julia reactive notebook Pluto.jl reached version 1.0 on May 27, ending six years of development with a stable API commitment.
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

Open-source FLIM Playground could speed reproducible analysis of complex cell images

Modern fluorescence microscopy can generate images of living cells as stunning to look at as they are informative to study. For techniques like fluorescence lifetime imaging microscopy (FLIM), those ...

Conner 4Ever: The Oral History of ‘Popstar: Never Stop Never Stopping’

The Lonely Island and their collaborators go deep on the making of their cult-classic mockumentary in honor of its 10th ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

GitHub announces npm security changes to tackle supply-chain attacks

GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking ...
Microsoft

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Yahoo! Sports

Thunder Star’s Nasty Hair Pull on Victor Wembanyama’s Teammate Sparks Calls for Suspension Across NBA World

The OKC Thunder returned to winning ways with a 122-113 win in Game 2—a morale booster after the disappointing loss in the WCF opener. However, the team’s physicality throughout the night sparked ...