The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

XBOW tests Anthropic's Mythos Preview for offensive security

Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code.
How-To Geek on MSN

Claude's no-code canvas replaces hours of Python debugging in minutes

I ditched my terminal for Claude's built-in code executor, and I'm not going back.
Dark Reading

Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

The Agentic Reckoning: Enterprise AI organizations have a runtime problem, not a model problem — and most are building the wrong solution

VentureBeat surveyed 132 enterprise AI leaders: the production failure point isn't the model — it's the runtime layer most ...
Windows Latest

Microsoft’s new Surface RTX Spark Dev Box is like the cheese grater Mac Pro, and that’s why I love it

The Surface RTX Spark Dev Box brings back Microsoft's experimental design era with a wild unique chassis and 1 petaflop of ...

Microsoft Unveils RTX Spark Mac Studio Rival for Running AI Models Locally

Microsoft has unveiled the Surface RTX Spark Dev Box, a compact desktop PC powered by Nvidia’s RTX Spark superchip. The ...

Codestrap Redefines Architecture of Agentic Work, Solves AI Cost Crisis

Research from Leading Academic Institutions Finds Average End-to-End Enterprise Software Workflows Require 4.17M Tokens at a Cost of $1.857. Codestrap Delivers Similar Workflows for Only 61,000 Tokens ...