Microsoft flagged a Mistral AI hack as a supply-chain attack that hid malware in a fake AI library on PyPI. Here's what ...

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, ...

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

Criminal hackers have used artificial intelligence to develop a working zero-day exploit, the first confirmed case of its ...

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...

This release only supports Ubuntu 24.04 for DeepStreamSDK 9.0 with Python 3.12 and gst-python 1.24.1! Since DeepStream Python bindings are deprecated, there will be no more wheel files released from ...

AI developer cloud company Runpod has announced Flash, an open source Python software development kit (SDK) designed to ...

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...