'Please do not vibe f--- up this software': Broken backups spark AI coding row in rsync project

Users probe backup failures find Claude-assisted commits. Veteran engineer retorts: 'I did not just vibe-code 'convert test ...

Iranian government, not hacktivist group, breached LA Metro system, security firm says

A report by Israel-based Gambit Security dismisses the hackers’ claims of being patriotic but unaffiliated activists.
The Hacker News

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal ...

Scientist sounds alert over Burmese python predations in Naples

Expert at the Conservancy of Southwest Florida topped their own record for the most tonnage of Burmese python removed from ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
XDA Developers on MSN

I built a Python utility using Claude to automate my image editing workflow, and it saves me hours every week

Vibe-coding your problems away doesn't get easier than this ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.