The Hacker News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses ...
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Electronics360

New versatile programmable gain amplifier delivers precision control from 0.5 to 10 GHz of RF spectrum

The LPA-103V operates from 0.5 GHz to 10 GHz with a 30 dB gain control range and an impressive 0.1 dB step size, delivering ...

Sightline Intelligence Launches AI Training Tools and 3.11 Software for Mission-Adaptive Edge AI

New capabilities enable customers to adapt proven AI models for mission-specific environments, autonomous workflows, ...
NewsBytes

Perplexity launches 'Search as code' to write Python search code

Perplexity CEO Aravind Srinivas introduced a groundbreaking “search as codegen” system, enabling AI agents to execute complex tasks through Python-based workflows.
MSN on MSN

These 5 Python libraries turned me into a better data analyst than Excel ever could

The power of Python trumps Excel workbooks.

Kimi K2.7-Code cuts thinking tokens 30% — but practitioners say the benchmarks don't check out

Kimi K2.7-Code claims 30% fewer thinking tokens and a drop-in API swap path, but independent benchmarks show kernel ...

Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...