New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
InfoWorld

Rayfin signals Microsoft’s push to make Fabric an AI app runtime

Beyond productivity gains, the platform play focuses on unifying data, governance, and deployment for enterprise AI.
BBC

Bún chả inspired noodle bowl

Bún chả is a popular Vietnamese street food originally from Hanoi. My simplified version has fried pork sausage meatballs, rice noodles, fresh veg and an easy tangy sauce. But you might taste it in ...
TWCN Tech News

What is Service Host Agent Activation Runtime process? How do I disable it?

The Task Manager in Windows shows overall resource usage by all the processes and applications running on your computer. That way, you can also check if there are any background processes utilizing ...