Script Injection and Data Theft: Python Data Analysis Tool Compromised

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
Decrypt

Minnesota Moves to Ban AI Apps That Generate Fake Nude Images

The bill, which bans AI tools that generate fake nudity and lets victims sue their creators, will go to Governor Walz for his ...

Anthropic brings Photoshop, Premiere Pro, Blender and more creative apps to Claude: here's how it works

Anthropic has upgraded its Claude AI assistant with new connectors for Adobe Creative Cloud, Blender, and Autodesk among ...

Linux vulnerability "Copy Fail" is already being attacked

The Linux "Copy Fail" vulnerability, which grants attackers root privileges, became known before the weekend. It is already ...
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
Wyoming Tribune Eagle

/C O R R E C T I O N -- fal/

In the news release, fal Launches HappyHorse-1.0, the #1-Ranked AI Video Model, as Official API Partner, issued 27-Apr-2026 ...