Devs know AI code is riddled with holes, but ship it anyway

Research by AppSec biz Checkmarx finds that 70 percent of developers believe AI-generated code has more vulnerabilities, and ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Microsoft has mostly repaired flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet

EXCLUSIVE For the past 90 days, Microsoft has been quietly patching a firmware flaw in Surface devices that allowed the ...
Tom's Hardware on MSN

Hades malware campaign now tricks AI bots by injecting text about biological and nuclear weapons

This is probably the dictionary illustration for "deceptively simple." ...

I've tested so many desktop AI tools, but Hermes with Ollama is my new favorite - here's why

I've tested so many desktop AI tools, but Hermes with Ollama is my new favorite - here's why ...

OpenAI Buys Secure Cloud Startup Ona To Assist Its AI Coding Assistant, Codex

OpenAI formally announced on June 11 that it has agreed to acquire Ona, a cloud execution and orchestration startup.

Exclusive: MotherDuck adds agentic data ingestion to its cloud analytics service

MotherDuck Corp., the maker of a cloud-native data warehouse based on the open-source DuckDB analytical engine, is betting ...
The Hacker News

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

Microsoft confirms it temporarily removed GitHub repos after Miasma worm compromised 73 of its open-source projects to inject ...

XBOW tests Anthropic's Mythos Preview for offensive security

Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code.
Department of Computer Science - University of Texas at Austin

How One MSAI Student Built an AI Tool to Predict Supply Chain Disruptions

Garine’s breakthrough came during the AI in Healthcare course. While the course explores subjects ranging from electronic ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...