Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
InfoWorld

Supply chain battles intensify as takedowns meet AI-driven noise

CrowdStrike, Google, and the Shadowserver Foundation dismantled the GlassWorm malware operation, but experts say the broader ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

'Adversaries are no longer just targeting products, they're targeting the developers who build them': CrowdStrike takes down major botnet targeting developers across …

The Glassworm botnet is no more, thanks to coordinated efforts between CrowdStrike, Google, and the Shadowserver Foundation.
The Hacker News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...

Coordinated operation takes down Glassworm botnet

The Glassworm botnet, a global operation targeting software developers through the open-source supply chain, was disrupted ...

My new favorite Windows app made my PC safer and more reliable - and it's free

My new favorite Windows app made my PC safer and more reliable - and it's free ...
How-To Geek on MSN

You're using Excel wrong if you're still manually cleaning data—Python does it for you in seconds

Save your clicks with a few lines of Python code.
CoinJournal

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.
CSO Online

GlassWorm falls, but the repo problem is far from solved

CrowdStrike, Google, and the Shadowserver Foundation dismantled the GlassWorm malware operation, but experts say the broader ...
InfoWorld

Microsoft’s open-source toolkit for controlling out-of-control AI agents

The Agent Governance Toolkit brings runtime policy enforcement to autonomous agents, targeting the OWASP top 10 agent risks.