Fake OpenAI repository on Hugging Face pushes infostealer malware

A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

10 trillion downloads are crushing open-source repositories - here's what they're doing about it

Companies are treating these repositories like content delivery networks - now the Linux Foundation and colleagues are saying ...

Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents

With model devs pushing more aggressive rate limits, raising prices, or even abandoning subscriptions for usage-based pricing ...
The Security Ledger

How Claude Planted Malicious Code In A Crypto-Trading App

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...
The Hacker News

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

CVE-2026-31431 CVSS 7.8 flaw since 2017 enables root via 732-byte exploit, impacting major Linux distributions.

New Linux ‘Copy Fail’ flaw gives hackers root on major distros

An exploit has been published for a local privilege escalation vulnerability dubbed "Copy Fail" that impacts Linux kernels ...

What’s a coding course for in the age of AI? Maybe not learning to write it

Intro to Programming courses at NC State still have a no-AI policy. Heckman and Roberts are committed to that, unlike Jordan.
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Opinion

France is replacing 2.5 million Windows desktops with Linux - and I mapped out its new stack

France is replacing 2.5 million Windows desktops with Linux - and I mapped out its new stack ...
The Dartmouth

Professor unintentionally released student information to campus in ‘test’ of Claude’s grading capabilities

In a statement to The Dartmouth, Robustelli wrote that he has “never used Claude or any AI tool to grade student work” and ...

Claude Code Leak: 8100 Takedown Requests and the Birth of Claw-Code

A human error at Anthropic reveals the architecture of autonomous AI agents, sparking a heated debate about copyright for ...