InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...
The Hacker News

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic ...
The Hacker News

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

ManageEngine Strengthens OpManager Nexus and Log360 Platforms With Real-Time Network Observability and Native SOAR Capabilities

ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, today announced ...
JD Supra

Glasswing widens: Anthropic puts Mythos inside power, water and hospital operators across more than 15 countries

Anthropic on Tuesday expanded Project Glasswing beyond its roughly 50 initial partners, extending access to a new cohort of approximately ...
eWeekOpinion

Anthropic Hits the Self-Coding Panic Button

To stop this from spiraling, Anthropic calls for a verifiable, industry-wide pause—a kind of AI arms-control treaty—because ...
Cybernews

Hackers hijack Microsoft packages to steal developer logins

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...