Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...
Dark Reading

Bad Memories Still Haunt AI Agents

Anthropic fixed a significant vulnerability in Claude Code's handling of memories, but experts caution that memory files will ...

There’s no rogue McDonald’s AI bot, but ‘prompt injection’ is still a risk for companies

People hacking branded AI bots can result in significant reputational, financial, and legal consequences. There appears to be ...
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
CSO Online

Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations

A multi-tenant authentication gap in Microsoft’s AI operations agent exposed live command streams, internal reasoning, and ...
Family Destinations Guide

You’ll Need Two Hands To Tackle The Enormous Sticky Buns At This California Roadside Restaurant

The sticky buns here have achieved legendary status among travelers who know that sometimes the journey is really just about ...
About Amazon

AWS launches Amazon Quick desktop AI assistant that works across your applications, tools, and data

Amazon Quick brings a personal AI assistant to your desktop. Build presentations, intelligent dashboards, and more. Connect ...
OfficeChai

11 Best AI Tools For Conducting Interviews (With Examples) [2026]

These 11 AI tools for conducting interviews will help recruiters and HR teams quickly and efficiently select the best ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
InfoWorld

GitHub shifts Copilot to usage-based billing, signaling a new cost model for enterprise AI tools

The move reflects rising compute demands and agentic workflows, requiring CIOs to rethink budgeting and governance.

What to know about how a suspect in the killing of 2 Florida students used ChatGPT

Prosecutors have revealed that a suspect in the deaths of two University of South Florida students asked ChatGPT about body ...