Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Fireship on MSN

732 bytes of Python just borked every Linux machine on earth

A tiny Python script triggered a major Linux failure in a way that few users would expect. The incident shows how even small ...
Cryptopolitan on MSN

Criminal hackers used AI to write working zero-day exploit

Google caught the first zero-day exploit built with AI assistance. Criminal and state backed hackers are using AI models to ...

AI is finding software bugs faster: Can crypto patch them fast enough?

AI is accelerating software vulnerability discovery, increasing pressure on crypto firms to track CVEs, patch systems faster ...
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.
The Lancet

Car dependency and US environmental health research: a long drive from motonormativity to planetary health

bDepartment of Environmental and Radiological Health Sciences, Colorado State University, Fort Collins, CO, USA cColorado School of Public Health, Colorado State University, Fort Collins, CO, USA The ...
IEEE

An Empirical Study on Python Library Dependency and Conflict Issues

Abstract: With the rapid development of open-source communities, code reuse in Python projects is increasingly common. Developers heavily rely on third-party libraries from the Python central ...
Deadline.com

‘Sinners’: Read The Screenplay For Ryan Coogler’s Fusion Of History, Music And Mysticism That Forged A Genre Blockbuster

Deadline’s Read the Screenplay series spotlighting the scripts behind the awards season’s most talked-about movies continues with Warner Bros‘ Sinners, written and directed by Ryan Coogler who ...
Dark Reading

Malicious NPM Packages Disguised With 'Invisible' Dependencies

As poisoned software continues to pop up across the industry, some threat actors have found a way to hide malicious code in npm packages and avoid detection from most security tools. In an blog post ...