The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
IEEE

RefleXGen:The unexamined code is not worth using

Abstract: Security in code generation remains a pivotal challenge when applying large language models (LLMs). This paper introduces RefleXGen, an innovative method that significantly enhances code ...
SecurityWeek

Hackers Weaponize Claude Code in Mexican Government Cyberattack

Anthropic’s Claude Code assistant has been abused in a cyberattack against the Mexican government’s systems, Israeli cybersecurity startup Gambit Security reports. As part of the attack, ten Mexican ...
GitHub

A minimal, secure Python interpreter written in Rust for use by AI.

Experimental - This project is still in development, and not ready for the prime time. A minimal, secure Python interpreter written in Rust for use by AI. Monty avoids the cost, latency, complexity ...