SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
InfoWorld

VS Code now updates weekly

Agents, browser debugging, and deprecation of Edit Mode are all highlighted in the latest versions of the popular code editor ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.
The New York Times

Climate and Environment

Several of the Earth’s systems are changing faster than predicted as global temperatures rise, scientists say. By David Gelles The suit accuses the agency of illegally repealing the endangerment ...
WinBuzzer

OpenAI Acquires Python Toolmaker Astral to Boost Codex AI Agent

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it ...