InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Martin Cid Magazine

Chinese hackers spent 18 months inside Microsoft 365 before anyone noticed

A China-linked espionage group lived inside corporate cloud accounts for a year and a half by stealing trust instead of ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
The Hacker News

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

VerdantBamboo used BRICKSTORM, PLENET, and AGENTPSD after an 18-month breach, enabling stealthy Linux appliance access.

'Please do not vibe f--- up this software': Broken backups spark AI coding row in rsync project

Users probe backup failures find Claude-assisted commits. Veteran engineer retorts: 'I did not just vibe-code 'convert test ...

Dev Configs for Windows: From fresh install to IDE in one command

With Microsoft's new Dev Configs, a Windows installation becomes a ready-to-use developer workstation with a single command – ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the ...

Microsoft Build 2026 Highlights: From MAI-Code-1 to Project Solara, Here's What Microsoft ...

MAI models, GitHub Copilot desktop app, Project Solara, Windows dev tools, and the full agent stack explained.