The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Fritz SmartEnergy 250: PV battery control via emulation

If you use batteries with a balcony power plant, you can control them according to your needs. Can Fritz SmartEnergy 250 ...
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
Interesting Engineering

Game of Battleship helped computers get 82% better at finding hidden answers

Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) and Harvard’s School of Engineering and ...

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that compromised LiteLLM, a widely used open-source Python ...
Tech Xplore on MSN

Battleship-trained AI learns to ask sharper questions, boosting win rate from 8% to 82%

In 2026, the hype for artificial intelligence agents is louder than ever before. These semi-autonomous programs can "think" ...

CrowdStrike, Google shatter Glassworm botnet

CrowdStrike, working with Google and the Shadowserver Foundation, said it has taken down the Glassworm botnet, a self-propagating, credential-stealing worm that has targeted developers and spread ...
Biometric Update

Notre Dame researchers release open-source iris recognition tools built for NIST testing

The work addresses a gap in biometric testing, as NIST’s IREX has focused primarily on closed-source commercial iris ...
Computer Weekly

Glassworm botnet that targeted OS devs smashed to pieces

CrowdStrike, Google and the Shadowserver Foundation worked together to take down a botnet that poisoned over 300 GitHub repositories, risking widespread supply chain compromise.

CAEVES: The startup that wants to make your 30-year-old files talk to Copilot

Sofia in late March was colder than anyone packed for. The 67th edition of The IT Press Tour had landed in the Bulgarian ...
Tom's Hardware on MSN

Nvidia's Vera CPU tested in common Linux benchmarks, matches AMD EPYC, Intel Xeon

NVIDIA's new server CPU doesn't win outright in most tests, but it's running very close to AMD's EPYC, which is incredible ...
Cryptopolitan on MSN

JINX-0164 hijacks crypto developer machines through phony meeting links

A group of hackers, named JINX-0164, has been contacting crypto devs via LinkedIn and inviting them to fake meetings that ...