CIO

DocLang aims to make documents readable by AI, not humans

Development of the AI-native DocLang document format raises questions about its impact on human workers, as well as on governance and accountability.

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
The Next Web

A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...

Netflix wiz creates app to slash AI bills, then open sources it

As the COOs from both Uber and Microsoft recently learned, encouraging company engineers to use AI aggressively can lead to ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Computerworld

The world of AI tokens — and why they matter

When it comes to AI, tokens are the coin of the realm. Here’s how to understand their importance to both users and AI vendors. Google has only one way to measure the phenomenal AI growth it’s seen: in ...
The Next Web

OpenClaw creator’s $1.3 million monthly OpenAI bill reveals the real cost of autonomous AI coding at scale

OpenClaw creator Peter Steinberger spent $1.3 million in OpenAI API tokens in 30 days running 100 Codex instances on his open-source project. The bill, covered by OpenAI where Steinberger now works, ...
Business Insider

OpenClaw's creator used $1.3 million worth of AI tokens in a month and people are freaking out

You're currently following this author! Want to unfollow? Unsubscribe via the link in your email. Peter Steinberger is on a token spending spree. On Friday, the creator of OpenClaw posted a screenshot ...