Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. In recent months, Microsoft Threat ...

I might never have to remember what I named my files again ...

Google’s Gemma series continues to throw up all kinds of interesting models. The latest is Magenta RealTime 2 (MRT2), an open-weights model ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

The smartest way to use AI may not be letting it touch your files, but asking it to write software that handles them safely - ...

I ditched my terminal for Claude's built-in code executor, and I'm not going back.

Julia reactive notebook Pluto.jl reached version 1.0 on May 27, ending six years of development with a stable API commitment.

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...

At Microsoft Build, GitHub unveiled a desktop app that bundles parallel AI agent sessions and accompanies the CI/CD process ...

With Microsoft's new Dev Configs, a Windows installation becomes a ready-to-use developer workstation with a single command – ...