The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

'Please do not vibe f--- up this software': Broken backups spark AI coding row in rsync project

Users probe backup failures find Claude-assisted commits. Veteran engineer retorts: 'I did not just vibe-code 'convert test ...
GitHub

Medusa: Simple Framework for Accelerating LLM Generation with Multiple Decoding Heads

[2024/1] Medusa technical report is now available on arXiv. We've added multiple new features, including Medusa-2 recipe for full-model training, self-distillation for adding Medusa to any fine-tuned ...

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that compromised LiteLLM, a widely used open-source Python ...

Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix maps every blind spot and fix.
PC World

Windows 11’s File Explorer is finally fixing an annoying file size quirk

PCWorld reports that Microsoft is restoring the missing ‘Refresh’ and ‘Print’ options to Windows 11 File Explorer’s right-click context menu after user complaints. These essential features are ...
GitHub

An open-source Python program or a CLI Tool to upload/download files/folders to/from Telegram effortlessly.

Git installation is optional if you prefer downloading tg-upload as zip file using the releases section. Starting from release v1.0.1, tg-upload no longer supports Termux due to the absence of some ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Birgitta Böckeler, Distinguished Engineer at ...
Fast Company

Y Combinator’s CEO says he ships 37,000 lines of AI code per day. A developer looked under the hood

We love a good ol’ social media roast, and Y Combinator CEO Garry Tan found himself on the business end of a doozie Wednesday. Absolutely insane week for agentic ...
Los Angeles Times

Anthropic accidentally leaked thousands of lines of code

Anthropic inadvertently released internal source code behind its popular artificial-intelligence-powered Claude coding assistant, raising questions about the security of an AI model developer that has ...