The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Dark Reading

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...
XDA Developers on MSN

I vibe-coded a tiny CLI tool in 15 minutes, and it helped me stop subscriptions I was too lazy to cancel

I used vibe coding to take control of my subscriptions.
Morning Overview on MSN

PyTorch Lightning versions 2.6.2 and 2.6.3 were compromised on April 30 — check your installs immediately

On April 30, two releases of one of the most popular machine learning libraries on the Python Package Index were caught ...
eLife

Metabolic basis of the astrocyte-synapse interaction governs dopaminergic-motor connection

Here, we report that glycolysis controls astrocyte-synapse contact. In the Drosophila larval dopaminergic (DAergic) circuit, blocking astrocyte glycolysis stimulated perisynaptic ensheathment by ...
eLife

Use-dependent regulation of the axonal action potential in parvalbumin-expressing interneurons

Medical Scientist Training Program, The University of Pennsylvania Perelman School of Medicine, Philadelphia, United States ...
The Hacker News

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

SMS blasters, npm supply chain hits, and unpatched Windows flaws. Stay ahead of new phishing kits and exposed servers.
NPR

Sources & Methods

National security, unlocked. Each Thursday, host Mary Louise Kelly and a team of NPR correspondents discuss the biggest national security news of the week. With decades of reporting from battlefields ...