Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...
Popular GitHub repos like Microsoft’s “Generative AI for Beginners” and “LLMs from Scratch” teach modern AI concepts step by ...
Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...
Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.
A malicious repository on Hugging Face impersonated OpenAI’s “Privacy Filter” project and briefly reached the platform’s top trending position before removal ...
A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...
Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
Companies are treating these repositories like content delivery networks - now the Linux Foundation and colleagues are saying ...
Morning Overview on MSN
Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it
A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results