Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
SecurityWeek

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...
AOL

CPSC warns not to use 'male-to-male' extension cords due to risk of electrocution, fire

The U.S. Consumer Product Safety Commission is warning consumers to immediately stop using hazardous extension cords, often called "suicide cords" or "widowmakers." These cords have two exposed male ...
The New York Times

Trump’s Tuesday Deadline for Iran Is His Latest Extension

The new deadline comes as the president and Iranian leaders have ramped up bombastic threats against one another. By Zolan Kanno-Youngs President Trump’s latest deadline for Iran to open the Strait of ...
GitHub

Python extension for Visual Studio Code

The Python extension will automatically install the following extensions by default to provide the best Python development experience in VS Code: If you set this setting to true, you will manually opt ...