Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
The Hacker News

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

Oracle PeopleSoft zero-day CVE-2026-35273 was exploited before Oracle's June 10 advisory, exposing data and triggering ...
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
The Tech Portal

OpenAI agrees to acquire AI cloud startup ‘Ona’, team will join Codex division

OpenAI has agreed to acquire Ona, a startup specializing in cloud execution environments for AI agents. The financial terms ...
CSO Online

Ivanti patches critical Sentry flaws that lead to full device takeover

Two vulnerabilities in the secure mobile gateway appliance allow unauthenticated attackers to bypass authentication and ...
GovInfoSecurity

Breach Roundup: CISA Says Agencies Should 'Patch Smarter'

This week, CISA tightened patching rules, hackers provoked AI scanners. An accused Russian intel hacker appeared in court.

OpenAI Buys Secure Cloud Startup Ona To Assist Its AI Coding Assistant, Codex

OpenAI formally announced on June 11 that it has agreed to acquire Ona, a cloud execution and orchestration startup.

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...

Ingenuity Trading Enters New Growth Phase With Moneta Ventures Investment

Capital to Broaden Coverage Across Products and Markets, Deepen AI-Driven Intelligence, and Scale Institutional ...