The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
MacStories

Introducing Shortcuts Playground: Create Apple Shortcuts with Claude Code or Codex

Today, I’m pleased to introduce something I’ve been working on for the past six months: Shortcuts Playground, a plugin for ...

Anthropic Just Bought a Developer Tool Used by OpenAI, Google

Anthropic acquired SDK startup Stainless, signaling a deeper push into developer tooling as AI labs compete beyond model ...

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

Anthropic Buys The SDK Pipeline OpenAI And Gemini Depend On

Anthropic acquired Stainless, the SDK compiler behind OpenAI, Gemini and Llama. The deal hands one AI lab structural leverage ...
Analytics Insight

7 Trusted Data Collection Services for Enterprise Businesses in 2026

Your data pipeline isn't just a back-end function. It's the intelligence layer that decides whether your business acts before competitors do or catches up after the fact. Finding a trusted full ...

n8n: Updates fix critical security vulnerabilities in automation platform

The update was announced to all admins via email; they should apply it promptly. Code injection is a risk. As announced on Monday, the n8n team has now released three new versions for its popular ...
Business Wire

Parse Biosciences Launches Workflow for Immune Repertoire and Transcriptome Analysis

SEATTLE--(BUSINESS WIRE)--Parse Biosciences, the leading provider of accessible and scalable single cell sequencing solutions, today announced the launch of a fully integrated immune repertoire and ...
The Hacker News

Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code

Three critical security flaws have been disclosed in an open-source utility called Picklescan that could allow malicious actors to execute arbitrary code by loading untrusted PyTorch models, ...