PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
InfoWorld

GitHub shifts Copilot to usage-based billing, signaling a new cost model for enterprise AI tools

The move reflects rising compute demands and agentic workflows, requiring CIOs to rethink budgeting and governance.

GitHub Copilot shifts to usage-based pricing June 1 - why that's no surprise

Under the new approach, if you run out of credits, you can't use the service. GitHub plans to preview the new billing in ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
Security Boulevard

GitHub Actions Supply Chain Attack: Trivy Breach & Workflow

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.
VentureBeat

Claude Code's source code appears to have leaked: here's what we know

VentureBeat made with Google Gemini 3.1 Pro Image Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

How I set up Claude Code in iTerm2 to launch all my AI coding projects in one click

Managing multiple Claude Code projects doesn't have to be chaotic. My iTerm2 setup dramatically reduces friction in my daily AI-assisted coding workflows - here's how.
eWeek

Anthropic Debuts ‘Repeatable Routines’ in Major Claude Code Automation Update

Anthropic introduces “repeatable routines” in Claude Code, bringing AI-powered automation and a redesigned workspace to ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

MCP Code Mode: How Bifrost Cuts Token Usage by 50%

Bifrost stands out as the leading MCP gateway in 2026, pairing native Model Context Protocol support with Code Mode to cut token usage by 50% or more across multi-server agent workflows. You might ...