SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Devs know AI code is riddled with holes, but ship it anyway

Research by AppSec biz Checkmarx finds that 70 percent of developers believe AI-generated code has more vulnerabilities, and ...

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Dark Reading

Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.
Cybernews

Hackers hijack Microsoft packages to steal developer logins

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...
Roll Tide Wire

Python egg hunt: Florida elimination program adds new reward category

The South Florida Water Management District is now rewarding hunters for removing python eggs and active nests from the ...
Tech Times

WWDC 2026 Developer Tools: Foundation Models Now Swaps AI Providers Without Code Changes

WWDC 2026 developer tools enter hands-on mode Tuesday as Apple’s new LanguageModel protocol lets iOS apps swap Foundation ...