Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google's Threat Intelligence Group detected and thwarted this sophisticated plot, ...
GitHub

Python Code Examples for Accessing and Analyzing SEC's XBRL Data Sets

This repository contains Python code examples to demonstrate how to read data from SEC's Financial Statement and Notes Data Sets using the Pandas package https://pypi ...
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

Benevolent dictator Zuck will give Meta staff 30-minute breaks from keylogging privacy assault

Throughout Zuck’s six-minute monologue, he repeatedly referred to Meta staff as “smart people". Whether this was to soften ...

Who is TeamPCP, the rising hacker group targeting open-source software and AI tools?

TeamPCP is an increasingly notorious group of cybercriminals that carry out software supply chain attacks, where hundreds of ...
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...
Mile High CRE

Movers and Shakers Week Ending 06.05.26

Week Ending 06.05.26 - Movers and Shakers ...

Atmosphere survival model refines search for habitable planets

Researchers have developed the Smaller Than Earth Habitability Model (STEHM) to assess which planets can maintain ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI models before authentication is checked.

His chatbot nearly ruined him. To recover, he had to destroy it.

Unrequited love drove a 57-year-old man to an AI. Delusions of grandeur followed.