The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
DataBreachToday

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...
InfoWorld

The Python AI library hack that didn’t hack Python

There are some critical takeaways from the Ultralytics AI Python library hack, but they're not the ones you might expect. Also, 10 tips for making Python faster and a look at uv—the all-in-one Python ...