The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Security Boulevard

Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...

One tool call to rule them all? New open source Python tool Runpod Flash eliminates containers for faster AI dev

With Flash GA, the company is attempting to transition from being a provider of raw compute to becoming the essential ...
Morning Overview on MSN

PyTorch Lightning versions 2.6.2 and 2.6.3 were compromised on April 30 — check your installs

On April 30, 2026, someone slipped credential-stealing malware into two freshly published versions of PyTorch Lightning, one ...

Solana rolls out Pay.sh with Google Cloud to bring pay-per-use API payments to AI

Solana and Google Cloud introduce Pay.sh, enabling AI agents to pay per API call, hinting at a shift from subscriptions.

GitHub fixes RCE flaw that gave access to millions of private repos

In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed ...
CSO Online

Critical GitHub RCE bug exposed millions of repositories

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting ...

GitHub rushed to fix a critical vulnerability in less than six hours

GitHub employees fixed a critical remote code execution vulnerability in less than six hours last month. Wiz Research used AI ...
The Hacker News

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...
InfoQ

GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis

GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and ...
Morning Overview on MSN

GitHub patches critical remote code execution flaw in private repositories

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private ...