The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the ...

How to use ChatGPT: A beginner's guide to mastering OpenAI's chatbot in 2026

How to use ChatGPT: A beginner's guide to mastering OpenAI's chatbot in 2026 ...

Dashlane explains how attackers managed to download encrypted password vaults

Dashlane said that attackers mounted a coordinated hacking campaign against a large base of its users in an attempt to recover as many encrypted password vaults as possible. The password manager ...

How Beginners Are Using ChatGPT Codex to Automate Daily Workflows

Learn how to use ChatGPT Codex as an AI teammate to automate workflows, manage files, and streamline your daily tasks without ...
InfoQ

Run Untrusted AI Agent Code Safely with Azure Container Apps Sandboxes

Microsoft has announced the public preview of Azure Container Apps Sandboxes. This new ARM resource type is ...

Cargo ship’s chief engineer charged in 2024 Francis Scott Key bridge collapse in Baltimore

Prosecutors have charged the chief engineer of the cargo ship Dali in connection with the 2024 collapse of Baltimore’s ...

Key Bridge collapse: Judge sets 2027 trial; fate of missing defendant unresolved

A federal judge on Tuesday scheduled the criminal trial connected to the Francis Scott Key Bridge collapse for October 2027.
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
GitHub

Validation Summary: How to Run Ansible Playbooks in Azure DevOps Pipelines

The Azure Pipelines task names, input names, variable group syntax, deployment job syntax, environment approval guidance, secure file usage, and Ansible CLI options were consistent with official ...