The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents

With model devs pushing more aggressive rate limits, raising prices, or even abandoning subscriptions for usage-based pricing ...

Linux cryptographic code flaw offers fast route to root

The newly disclosed LPE, dubbed Copy Fail (CVE-2026-31431), comes from a vulnerability in the Linux kernel's authencesn ...

BlueRock Open Sources MCP Python Hooks for Real-Time MCP Server Visibility

BlueRock today announced the open source release of BlueRock MCP Python Hooks, a lightweight runtime observability tool for Python. It captures MCP server activity by inspecting the protocol, ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Runpod launches Flash to bring AI inference to developers without infra overhead

Developer-centered artificial intelligence cloud provider Runpod Inc. today announced the launch of Flash, a software ...
Tech Xplore

What skills do people need to successfully program with AI?

The new trend of "vibe coding" allows people to program software without writing a single line of code. Now, a new study by ...
Chicago Maroon

In His Last College Quarter, Ben Heim Is Building an AI Project Every Week

In his final quarter at UChicago, fourth-year Ben Heim has been taking his own advice. As president of the International ...

How to Install OpenAI Codex on Windows with Security Measures

Learn how to install OpenAI Codex on Windows, with essential security measures to protect your API keys, system, and ...

Why OpenAI's 'goblin' problem matters — and how you can release the goblins on your own

If OpenAI can accidentally train its flagship model to obsess over goblins, what other more subtle and potentially harmful ...
SecurityWeek

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

The PCPJack worm targets cloud environments and vulnerable web applications to remove TeamPCP infections and steal ...