New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...
CPO Magazine

Megalodon Supply Chain Attack Infects Over 5,500 GitHub Repositories with Backdoors and Stealers

A massive supply chain attack dubbed Megalodon has infected over 5,500 GitHub repositories with credential-stealing malware, ...
InfoWorld

10 MCP servers to connect LLMs with databases

Use these official MCP servers to interact with the leading database platforms via natural language through your LLM-assisted ...
The Next Web

A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.
GitHub

hxe-ua-download-binary.md

Open a command prompt at the location where you saved the Download Manager file (HXEDownloadManager.jar or HXEDownloadManager_linux.bin). Note: If you've already installed SAP HANA express edition, ...