JD Supra

Mobley v. Workday: The AI Vendor as AI Agent. Creating Potential New Liabilities

Welcome back to Defending the Algorithm™ - a LinkedIn newsletter from Pittsburgh law firm, Houston Harbaugh, PC, helping ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
eWeek

Google AI Studio Cheat Sheet: Features, Pricing, and More

Google AI Studio lets users test Gemini models, build apps, generate media, and export code. Here’s what it does, costs, and where it falls short.

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
VentureBeat

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain incidents hit OpenAI, Anthropic and Meta in 50 days: three adversary-driven attacks and one self-inflicted packaging failure. None targeted the model, and all four exposed the same ...
ITV

The latest ITV weather forecast for the UK

Outbreaks of rain becoming increasingly showery as we move through the evening, however heavy bursts are still possible. Drier later in the night with some clear spells developing, these mainly ...
TechRepublic

Tech & Work

Elon Musk’s AI ecosystem spans xAI, Tesla, X, Neuralink, and SpaceX, connecting chatbots, robots, brain implants, and spacecraft. If you can only read one tech story a day, this is it. We use cookies ...
Hosted on MSN

Gmail servers hijacked by malicious PyPI packages to spread havoc - here's how to stay safe

Socket found seven malicious packages on PyPI The packages were abusing Gmail and WebSocket They were removed from the platform Several malicious PyPI packages were recently observed abusing Gmail to ...
Computerworld

Industry

EU's cloud sovereignty push leaves room for US hyperscalers The Cloud and AI Development Act signals a regulatory direction for the EU as it aims to reduce dependency on US cloud providers. But Europe ...