New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Seattle unveils first digital kiosks downtown, with dozens more on the way

IKE, the Interactive Kiosk Experience, has landed in downtown Seattle. Part of former Mayor Bruce Harrell's Downtown ...
The Hacker News

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

Microsoft confirms it temporarily removed GitHub repos after Miasma worm compromised 73 of its open-source projects to inject ...
The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.
Bleeping Computer

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub. Miasma appears to be an evolution ...
The Register-Herald

Fayette County to install sunscreen dispensers across county

The Fayette County Health Department has partnered with Mountains of Hope to install sunscreen dispensers at several ...
FloorDaily.net

Best Practices: Interiors on Pleasant – April 2026

A focus on service, diversification and local market knowledge has helped Interiors on Pleasant thrive for more than 30 years ...

Chrome for macOS soundly beats browser benchmark records

Google has set new browser performance records for Chrome following a year of improvements, with the latest results made ...

npm tackles its riskiest security issues

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...

Why are there no shops that fix small rust spots, similar to glass chip repair businesses?

Lou Trottier says the first reason relates to the warranty and the second relates to the challenge in painting the repaired ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...