A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Perplexity CEO Aravind Srinivas introduced a groundbreaking “search as codegen” system, enabling AI agents to execute complex tasks through Python-based workflows.

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

I ditched my terminal for Claude's built-in code executor, and I'm not going back.

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Strativerse.ai has launched its AI solution for automated strategy development, introducing a platform designed to help ...

Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code.