The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
GitHub

Modules for Experiments in Stellar Astrophysics (MESA)

MESA is a powerful and versatile open-source software suite built to allow users to run experiments in stellar evolution. Stellar evolution calculations (i.e., stellar evolution tracks and detailed ...
InfoWorld

Pyrefly 1.0: A fast, forward-looking Python linter

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.
GitHub

Python interface to Bluetooth LE on Linux

This is a project to provide an API to allow access to Bluetooth Low Energy devices from Python. At present it runs on Linux only; I've mostly developed it using a Raspberry Pi, but it will also run ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard

The AI company's Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have this malware installed?