InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

YouTuber PewDiePie Launches Free AI That Runs Privately On Your PC, Taking on Claude and ChatGPT

PewDiePie has released Odysseus, a free and open-source AI workspace that runs on a user’s own computer. The project is not a ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
MUO on MSN

There's a version of PowerShell that's even more powerful — and it's already on your Windows PC

I switched to WSL 2 and finally stopped feeling locked into Windows — here's why that changes everything.
The Guardian

Thomas Massie files to run in 2028 after losing to Trump pick Ed Gallrein

Kentucky conservative says ‘I haven’t made a final decision about which office to seek, if I run’ Thomas Massie is planning his comeback. The conservative Kentucky congressman filed to run again for ...
NBC News

Rep. Thomas Massie files paperwork to run in 2028, says he hasn’t made a ‘final decision’ about his political future

Fresh off last week’s primary loss, Rep. Thomas Massie, R-Ky., announced Monday he had filed paperwork for a 2028 run for the House — or something else. Subscribe to read this story ad-free Get ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
How-To Geek on MSN

You're using Excel wrong if you're still manually cleaning data—Python does it for you in seconds

Save your clicks with a few lines of Python code.

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI vendor questionnaires are missing.

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...
CNBC

Shell tops profit estimates as Iran war boosts oil price, cuts share buybacks

Oil giant Shell posted bumper profit of $6.92 billion through the first quarter as the Iran war sent fossil fuel prices soaring. The London-listed energy major cut the pace of its quarterly buyback to ...