The Hacker News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses ...

Devs know AI code is riddled with holes, but ship it anyway

Research by AppSec biz Checkmarx finds that 70 percent of developers believe AI-generated code has more vulnerabilities, and ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Black Girls Code and GoldieBlox Launch a New Season of Code Along to Expand AI Literacy for Girls Ready to Build What’s Next

Technology is reshaping every industry, every career path, and nearly every aspect of how we live, work, create, and connect.
Memeburn

Microsoft's GitHub Repos Were Hacked to Steal AI Developer Passwords

Hackers injected malware into 73 Microsoft GitHub repos on June 5, 2026. The attack targeted AI coding tools like Claude Code ...
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

Kimi K2.7-Code cuts thinking tokens 30% — but practitioners say the benchmarks don't check out

Kimi K2.7-Code claims 30% fewer thinking tokens and a drop-in API swap path, but independent benchmarks show kernel ...
NewsBytes

Perplexity launches 'Search as code' to write Python search code

Perplexity CEO Aravind Srinivas introduced a groundbreaking “search as codegen” system, enabling AI agents to execute complex tasks through Python-based workflows.
Inside Higher EdOpinion

A Practical Framework to Help Students Use AI in Learning

The risk of cognitive outsourcing is real. But there is reason for optimism, if students are taught good AI habits early and ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

DUALITY TECHNOLOGIES LAUNCHES VERSION 4.6, MAKING MULTI-ORGANIZATION ANALYTICS AND AI EASIER TO DEPLOY

Duality Technologies today announced the general availability of Duality 4.6, introducing capabilities that make secure data collaboration, AI, and analytics easier to deploy across organizations with ...
Dark Reading

US Cracks Down on Anthropic AI Models Amid Abuse Concerns

Anthropic suspended all access to Fable 5 and Mythos 5 after receiving an export control directive that banned foreign ...