New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
Pen Test Partners

ClickFix, CrashFix and the growing family of copy and paste attacks

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
InfoQ

Run Untrusted AI Agent Code Safely with Azure Container Apps Sandboxes

Microsoft has announced the public preview of Azure Container Apps Sandboxes. This new ARM resource type is ...
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Widow launches fundraiser for husband killed in Cecil County nitrous oxide blast

The GoFundMe supporting the family of 33-year-old Thomas Logue has raised over $5,800 as of Tuesday afternoon. Proceeds will ...

Quarantunes' Demi Weitz Launches Platform Indigo With Stanford Grads

Weitz teamed with fellow Stanford University graduates and siblings Luc Giraud and Saskia Giraud to launch Indigo, and they've reeled in rapper, singer and producer .idk. to help kick off the platform ...

How Geoff Parling put his stamp on Leicester Tigers

Play-off against Northampton will serve up tough examination of coach’s attempt at marrying the new with the old at Welford Road ...

7 Best Software Development Project Management Tools in 2026

Discover the best software development project management tools, tested for agile teams, DevOps pipelines, and enterprise ...