Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Iroh 1.0 turns the internet into a secure localhost

The modular networking stack Iroh reaches version 1.0. It relies on cryptographic keys instead of IP addresses for networking ...
InfoWorld

Databricks’ OpenSharing targets the ‘integration tax’ of enterprise AI

The zero-copy credential model enables cross-platform sharing of AI assets, promising lower overhead, stronger governance, ...

Microsoft debuts Surface RTX Spark Dev Box to run large AI models without cloud costs

Microsoft’s new Surface RTX Spark Dev Box packs Nvidia Blackwell AI power and 128GB of unified memory to run large AI models locally, helping developers cut cloud costs and rethink enterprise AI ...

Norks blast 250+ fake job offers to developers over 6 weeks to try and snarf creds and crypto

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...

New GitHub Copilot App Aims to Tame Chaos in Agent-Driven Development

At Microsoft Build, GitHub unveiled a desktop app that bundles parallel AI agent sessions and accompanies the CI/CD process with Agent Merge.
TMCnet

Cognitum One Names Founding Advisory Team - and Investors - of Enterprise and Silicon Leaders as It Brings Sovereign Agentic AI to Enterprise Infrastructure

The founding advisors, each of whom is also an investor in the company, are: Their combined experience covers the full stack ...
Tech Times

Cloudflare Buys VoidZero: Vite’s 130M Weekly Users Get a New Vendor-Neutrality Pledge

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...
MUO on MSN

5 package managers that work on Windows, Mac, and Linux

If reinstalling software feels repetitive, these tools have some ideas.
MUO on MSN

I stopped juggling AI APIs and switched everything to one that actually works

I can use virtually every language, speech, image, and video model with one API key.