10 trillion downloads are crushing open-source repositories - here's what they're doing about it

Companies are treating these repositories like content delivery networks - now the Linux Foundation and colleagues are saying ...
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
Dark Reading

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...
Morning Overview on MSN

17-year-old builds AI tool to speed malaria and blood-disease diagnosis

Somewhere, a 17-year-old has built an artificial intelligence tool designed to identify malaria and other blood diseases from ...
Security Boulevard

Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...
Le Lézard

Grafana Labs Targets the "AI Blind Spot" with New Observability Tools Announced at GrafanaCON 2026

Grafana Labs, the company behind the open observability cloud, today announced a set of new AI-focused capabilities at GrafanaCON 2026: AI Observability in Grafana Cloud; a significant expansion of ...