The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...
The Next Web

Meta freezes AI data work after breach puts training secrets at risk

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

The New Power Tool For Knowledge Workers May Be Building An AI Chief Of Staff

A viral post about an AI chief of staff signals something bigger than productivity software. It signals a new class of worker ...

Cloudflare’s new Dynamic Workers ditch containers to run AI agent code 100x faster

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU and invocation charges ...
Analytics India Magazine

Rust Meets Golang in a New Programming Language

With Go, Ovejero points to a recurring class of bugs around nil handling. Go does not distinguish between nillable and ...
BMJ Open

Co-exploring how environments shape brain health through a planetary health lens: a photovoice study in Auckland, Aotearoa New Zealand

Objectives Dementia prevention and climate action share a common imperative: safeguarding future generations’ health. Despite ...
TechSpot

I saw DLSS 5 running across multiple games. It's not a face filter.

Sounding off: I went hands-on with Nvidia's DLSS 5 across multiple games at GTC and the "it's just a face filter" isn't the right take. The improvements to shadows, water, foliage, clothing, and even ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
PC Magazine

Meta's Manus Launches Desktop App With AI Agent for Tasks Across Files, Apps

Meta’s recently acquired AI startup Manus has launched a desktop app for Mac and Windows. It features an agentic tool called My Computer that allows you to use text prompts to execute tasks across ...