PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
The Hacker News

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

CVE-2026-31431 CVSS 7.8 flaw since 2017 enables root via 732-byte exploit, impacting major Linux distributions.

OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts

OpenAI is rolling out Advanced Account Security for people concerned that their ChatGPT or Codex accounts could be potential ...
Decrypt

OpenAI Rolls Out Advanced Account Security for ChatGPT Users

OpenAI's new opt-in security feature requires passkeys, limits recovery options, and excludes chats from training.

Deepfakes Are Coming for Your Bank Account

But the most realistic deepfakes I was able to create did not involve politicians or celebrities. They mostly did not depict ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

OpenAI Introduces Password-Free Login for Millions of ChatGPT Users

OpenAI’s Advanced Account Security lets ChatGPT and Codex users replace passwords with passkeys or security keys, but ...
News.az

New “Copy Fail” bug puts Linux systems at serious risk

The high-severity vulnerability, tracked as CVE-2026-31431 (CVSS score: 7.8), has been codenamed “Copy Fail” by Xint.io and ...

Hellish conditions, damaging delays and uncertain justice fuel mental health crisis in SC jails

Hundreds of mentally ill people are languishing for months in South Carolina jails, deprived of needed treatment in a legal ...