Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...

13 Best AI Stock Trading Bots in 2026 for Smarter Automated Profits

Compare 13 AI stock trading bots in 2026 for automated stock trading, AI signals, backtesting, quant strategies, and smarter ...
The Next Web

Sigma Computing doubles valuation to $3 billion in Series E as agentic analytics race heats up

The San Francisco analytics company hit $200 million ARR in April, doubling year over year. Sigma Agents, its no-code AI product, became the fastest-adopted feature in the company's history.
techzine

TeamPCP compromises Python libraries via supply chain attack

The hacker group TeamPCP uploaded two malicious versions of the popular Python library LiteLLM to PyPI. Using a previously compromised version of the vulnerability scanner Trivy, the attackers stole ...
CSO Online

Internet Explorer may be dead, but its ghost still runs malware

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...
Memeburn

ChatGPT vs Gemini 2026: Which AI Assistant Is Actually Better?

We tested both on writing, coding, research, and video. See which one fits your workflow, budget, and use case.