The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
SecurityWeek

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.
SecurityWeek

Cisco Releases Open Source Tool for AI Model Provenance

The new kit aims to address risks related to poisoned models, regulatory issues, supply chain integrity, and incident ...

Why OpenAI's 'goblin' problem matters — and how you can release the goblins on your own

If OpenAI can accidentally train its flagship model to obsess over goblins, what other more subtle and potentially harmful ...

Copy fail flaw impacts all Linux kernels released since 2017

Linux users should update their servers now, or face possible attack.
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
MUO on MSN

I switched to Linux for local LLMs and setup that took hours on Windows took minutes

What looks simple on Windows quietly turns into hours of troubleshooting.