New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and ...
InfoWorld

10 MCP servers to connect LLMs with databases

Use these official MCP servers to interact with the leading database platforms via natural language through your LLM-assisted ...
How-To Geek on MSN

I built a self-hosted Navidrome server to replace Spotify, and it works better than I expected

$20 in parts and an hour can get you your own Spotify alternative.
winbuzzer.com

OpenAI Codex Helps Expose Decades Old HTTP/2 Bomb Server Attack

OpenAI Codex helped Calif, an AI red-teaming security group, expose HTTP/2 Bomb, a denial-of-service attack that combines old HTTP/2 compression and connection-holding techniques against current ...