The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
GovInfoSecurity

Breach Roundup: CISA Says Agencies Should 'Patch Smarter'

This week, CISA tightened patching rules, hackers provoked AI scanners. An accused Russian intel hacker appeared in court.

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...

XBOW tests Anthropic's Mythos Preview for offensive security

Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code.
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...

Anthropic’s Mythos AI Reportedly Enters NSA Offensive Cyber Planning

Anthropic engineers are reportedly helping the NSA use Claude Mythos for cyber operations despite the Pentagon’s supply-chain ...
JD Supra

Glasswing widens: Anthropic puts Mythos inside power, water and hospital operators across more than 15 countries

Anthropic on Tuesday expanded Project Glasswing beyond its roughly 50 initial partners, extending access to a new cohort of approximately ...
Analytics Insight

Top Tech Jobs in 2026: ServiceNow, AWS, and Stripe Are Hiring Now

Overview  AI and machine learning roles are seeing the fastest growth globally, with employers prioritizing expertise in LLMs ...
Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...