New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...
Infosecurity Magazine

New “Agentjacking” Attacks Could Hijack AI Coding Agents

Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

WebMCP Can Be Used To Hijack AI Agents, Chrome Warns

Google Chrome is warning developers that WebMCP tools can be used to manipulate and hijack AI agents. New guidance outlines ...
InfoWorld

Protocol Buffers schemas expose remote code execution risk

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...

Top things businesses need to know about fraud prevention in today’s environment

Treasury and fraud specialists Scott Edwards, Director of Fraud Risk Management, and Todd Martin, SVP, Treasury Management ...

Harley dealers unite behind CEO Starrs amid Indian Motorcycle attack ad

Harley-Davidson dealers are speaking out against a new Indian Motorcycle campaign that attacks Harley and its CEO Artie ...
Opinion
Foreign AffairsOpinion

The Strange Defeat of Nuclear Deterrence

Most of these bases were home to Russian strategic heavy bombers—aircraft capable of carrying nuclear weapons. Using Russia’s mobile phone network, Ukrainian operatives remotely launched the drones, ...
Opinion
The Caledonian-RecordOpinion

ZimCal (BIMIZCI) Calls Out Medallion Financial’s Latest Attempt at Distracting From its Core Underperformance by Using MFIN’s Favored Tactic of Personal Attacks

ZimCal Asset Management through BIMIZCI Fund LLC provides a longer response to Medallion Financial’s inaccurate and misleading June 4, 2026 press release, which was transparently designed to ...