PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...

New 'Copy Fail' Flaw In Linux Kernel Lets Any Local User Seize Root Access: Here's How To Fix It

The flaw allows an unprivileged local user to write four controlled bytes into the page cache of any readable file on a Linux ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

One tool call to rule them all? New open source Python tool RunPod Flash eliminates containers for faster AI dev

With Flash GA, the company is attempting to transition from being a provider of raw compute to becoming the essential ...

How I set up Claude Code in iTerm2 to launch all my AI coding projects in one click

Managing multiple Claude Code projects doesn't have to be chaotic. My iTerm2 setup dramatically reduces friction in my daily AI-assisted coding workflows - here's how.
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...

Linux cryptographic code flaw offers fast route to root

Developers of major Linux distributions have begun shipping patches to address a local privilege escalation (LPE) ...
SecurityWeek

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover

Copy Fail, a logic bug in the Linux kernel, allows users to write 4-byte code into other files’ page cache and achieve root ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
Hackaday

Building An IBM PCjr BIOS From Source Using Original Printed Source Code

As unloved as IBM’s PCjr was, with only a one-year production run, it’s hard to complain about the documentation available ...

How I vibe-coded a web tool in three days with no programming experience

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.