Mini Shai-Hulud worm injects disk wiper into Microsoft Azure PyPI package

Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
Bleeping Computer

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. The dangerous release is 0.23.3, ...
InfoWorld

First look: Mojo 1.0 mixes Python and Rust

Milestone Mojo release reveals a systems programming language with precise control over memory, strong types, GPU programming ...
VG Chartz

Xbox Makes Publishing Easier for Developers With New Game Package Manager - News

Xbox has announced it is rolling out a new Game Package Manager for all Xbox developers currently configuring or adding new products to publish to Xbox. This replaces the current Microsoft Partner ...
SecurityWeek

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.
Tech Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
News9

Lawmakers unveil framework proposal of a new reconciliation package

Congress’s largest conservative caucus, the Republican Study Committee (RSC), unveiled the framework for what its leaders hope will be the starting point for the second reconciliation bill to pass the ...
PC World

Hands-on: Framework finally made a modular laptop feel as premium as its mission

PCWorld highlights the Framework Laptop 13 Pro’s transformation into a premium device with solid aluminum construction, addressing previous models’ build quality issues while maintaining modular ...
Engadget

Framework launches the Laptop 13 Pro with Intel's new Panther Lake chips

Framework's lineup of modular, repairable laptops has seen the company grow from a niche to the mainstream. Now, the company is launching a pro version of its 13-inch laptop, but it's still held close ...