The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

A large-scale campaign impersonates open-source and freeware project portals to redirect users through a gated TDS and ...
TechCrunch

Meet Wander, a StumbleUpon-inspired tool for discovering the ‘small web’

As search becomes increasingly dominated by AI summaries and commercial content, people are experimenting and coming up with ways to make the web feel more human like it used to, building everything ...

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...

OpenAI's Codex update lets agents build interactive enterprise workspaces via Sites and role-specific plugins

Rolling out in preview for Business and Enterprise tiers, Sites allow cross-functional teams to bypass front-end development.
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...