The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
GitHub

Model Context Protocol servers

This repository is a collection of reference implementations for the Model Context Protocol (MCP), as well as references to community-built servers and additional resources. Important If you are ...
GitHub

FEALPy:Finite Element Analysis Library in Python

While beginning with the finite element algorithm, FEALPy's sights are set on exploring vast horizons. We hope FEALPy will be an open-source library for intelligent CAX algorithms, integrating CAX ...
Morning Overview on MSN

Three separate supply-chain attacks hit npm, PyPI, and Docker Hub within 48 hours — all three targeted developer cloud credentials and SSH keys

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software registries on the internet within a span of roughly 48 hours. The targets were ...