SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
Cybernews

Hackers hijack Microsoft packages to steal developer logins

The malware used in the attack was dubbed “Miasma” and is described as a self-replicating worm designed to harvest login ...

Apple Outlines Major AI and Developer Tool Updates at 2026 Platforms State of the Union

Apple yesterday held its WWDC 2026 Platforms State of the Union, detailing a wide range of updates to its developer tools and ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

7 Best Software Development Project Management Tools in 2026

Discover the best software development project management tools, tested for agile teams, DevOps pipelines, and enterprise ...
SF Weekly

How a San Francisco open-source project became the data layer for global AI

San Francisco's AI economy is mostly being defined by the companies spending the most. Foundation model labs raise billions, ...
winbuzzer.com

Perplexity Lets AI Agents Write Their Own Search Code

Perplexity introduced Search as Code as a reference architecture for AI-written Python search workflows, following its 2025 real-time Search API. The new approach shifts the pitch from repeatedly ...
InfoWorld

Pyrefly 1.0: A fast, forward-looking Python linter

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.
diginomica

Determinism all the way down – how UiPath's market bet and the engine beneath it turn out to be the same idea

UiPath cofounder and CEO Daniel Dines goes deep on the machinery under the platform – the Temporal engine that lets an ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.