The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
ET CIO

Top 7 Data Orchestration Tools for Enterprises in 2026

Explore the leading data orchestration platforms for 2026 with quick comparisons, practical selection tips, and implementation guidance to keep your data pipelines reliable and scalable.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
TechRadar

Linux users report Microsoft's Visual Studio Code Snap package isn't actually deleting files

VS Code Snap package bug on Linux keeps deleted files, clogging hard drives Snap creates separate local Trash folders per version, compounding storage issues No fix yet; users advised to install VS ...
InfoWorld

PythoC: A new way to generate C code from Python

PythoC lets you use Python as a C code generator, but with more features and flexibility than Cython provides. Here’s a first look at the new C code generator for Python. Python and C share more than ...
Fox News

FBI warns of QR code scam disguised in mystery packages

QR codes that were once seen as a convenient shortcut for checking menus or paying bills have increasingly been turned into weapons. Fake delivery texts, counterfeit payment links and malicious codes ...
International Monetary Fund

A Python Package to Assist Macroframework Forecasting: Concepts and Examples

In forecasting economic time series, statistical models often need to be complemented with a process to impose various constraints in a smooth manner. Systematically imposing constraints and retaining ...
acm.org

Nonsense and Malicious Packages: LLM Hallucinations in Code Generation

The goal of generative AI tools, powered by large language models (LLMs), is to finish the task assigned to them; to provide a complete response to a prompt. As is now well-established, models ...
InfoWorld

Use UV to run Python packages and programs without installing

Astral's uv utility simplifies and speeds up working with Python virtual environments. But it has some other superpowers, too: it lets you run Python packages and programs without having to formally ...
C&EN

PyOpticon: An Open-Source Python Package for Laboratory Control, Automation, and Visualization

Department of Mechanical Engineering, Stanford University, Stanford, California 94305, United States Precourt Institute for Energy, Woods Institute for the Environment, and Doerr School of ...
Wired

AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

AI-generated computer code is rife with references to nonexistent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...