Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Talking to AI agents is one thing — what about when they talk to each other? New startup Band debuts 'universal orchestrator'

Already, BAND's early users — and enterprises more broadly — are mixing and matching AI agents powered by models from various ...
SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...

Threat actor uses Microsoft Teams to deploy new “Snow” malware

A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a ...
i-SCOOP

DeepSeek V4 puts 1M context and low cost at the center of the open model race

DeepSeek V4 arrives in Pro and Flash variants with a 1M token context window, lower inference costs, and a stronger push into ...
eWeek

OpenAI Debuts ChatGPT Images 2.0, Bringing Reasoning to AI Image Creation

OpenAI launches ChatGPT Images 2.0 with image editing, reasoning, web research, multilingual support, and better text ...
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Top open source PyPI package with over 1 million downloads each month hacked to send out malware

This was not a case of stolen credentials, but rather of vulnerability exploitation.
Hosted on MSN

Level up your Python coding setup

Choosing the right Python IDE or editor can make coding smoother, debugging faster, and automation easier. From feature-rich environments like PyCharm and VS Code to lightweight options like Geany, ...

Set up a safe testing lab with Hyper‑V and Windows Sandbox

Stop risking your PC. Use Windows 11's built-in virtualization tools to test virtually anything safely in a fully isolated ...
The Next Web

Google just launched its agentic enterprise play, and it runs from chip to inbox

Google launches AI agent suite at Cloud Next 2026 with Workspace Studio, A2A protocol at 150 orgs, and Project Mariner. The pitch: only Google owns the full stack.