The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Redmondmag.com

Supply Chain Attack Hits Microsoft GitHub Repos, AI Coding Tools

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...
Tech Times

AI Agent Discovery Gets Open DNS Standard: DNS-AID Launches Under Linux Foundation

AID, launched under the Linux Foundation, lets AI agents find each other through existing DNS infrastructure using SVCB ...
Tech Times

VS Code Agents Hit Stable: Air-Gapped BYOK Unlocks Enterprise AI Coding

VS Code agents are now in Stable preview, and the 1.122 update removed the GitHub OAuth requirement from BYOK, letting defense, healthcare, and finance developers run fully air-gapped AI-assisted ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
InfoWorld

Pyrefly 1.0: A fast, forward-looking Python linter

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.
MSN on MSN

I built a fully local AI coding assistant in Windows with Ollama and VS Code

The only operating cost is electricity.
WinBuzzer

Developer Turns Azure Linux 4 Into Bootable Desktop-App

Author and project developer Hayden Barnes has built Azure Linux Desktop as an experimental Windows app that boots a full ...