PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
The Next Web

Google just launched its agentic enterprise play, and it runs from chip to inbox

Google launches AI agent suite at Cloud Next 2026 with Workspace Studio, A2A protocol at 150 orgs, and Project Mariner. The pitch: only Google owns the full stack.

There's a Cave Full of Bats Infected by the 'Bleeding Eye' Virus. People Are Trespassing to See It, and Scientists Want It to Stop

While studying predators visiting Python Cave, home to bats confirmed to have Marburg virus, scientists observed hundreds of ...
DATAQUEST

Best AI Courses in 2026: Beginner to advanced Pro certifications to boost salary and career in India

Best AI courses 2026 in India including Google, AWS, and MIT certifications. Learn AI from beginner to expert level and boost ...
eWeek

Apple, Google Face Scrutiny as ‘Nudify’ Apps Hit 483M Downloads

TTP says Apple and Google app stores surfaced ‘nudify’ apps tied to 483 million downloads through search results, ads, and ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
InfoWorld

Tap into the AI APIs of Google Chrome and Microsoft Edge

The Chrome and Edge browsers have built-in APIs for language detection, translation, summarization, and more, using locally ...
The Droid Guy

I Spent 24 Hours Benchmarking GPT-5.5 Against Claude Opus 4.7 — Here Is What Actually Happened

Within hours I paused an ongoing Opus 4.7 benchmark, swapped the API keys, and ran the exact same methodology on ...
Infosecurity Magazine

Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads

However, in a report published on April 15, researchers at Ox Security claimed that a flaw in the protocol could enable ...