VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
CSOonline

ClickFix finds a backup plan in PySoxy proxy chains

ReliaQuest observed attackers pairing ClickFix with the PySoxy proxy tool to establish redundant encrypted access paths and persistence on compromised systems. ClickFix, a one-shot social engineering ...
The Idaho Press-Tribune

Request to use chain saws in wilderness sparks protest

A request by the Idaho Outfitters and Guides Association to allow chain saw use for trail clearing in the Frank Church-River of No Return Wilderness Area has sparked protest from more than 100 ...
The New York Times

Your Doctor Is Using A.I. to Take Notes. What Could Go Wrong?

Apps that record visits are becoming popular, but they come with privacy and accuracy concerns. By Simar Bajaj At your next appointment, your doctor may have a new kind of assistant listening in: ...
The New York Times

Federal Court Denies Anthropic’s Motion to Lift ‘Supply Chain Risk’ Label

The ruling was a setback for the artificial intelligence start-up in its battle with the Defense Department over the use of A.I. in warfare. By Mike Isaac Reporting from San Francisco A panel of ...
CNBC

Anthropic loses appeals court bid to temporarily block Pentagon blacklisting

A federal appeals on denied Anthropic's request for a stay in its lawsuit against the Department of Defense. The DOD officially designated Anthropic a supply chain risk in early March and said the ...
Yahoo

Best bike chain lube 2026: The best lubricants to use on your bike's chain

Add Yahoo as a preferred source to see more of our stories on Google. When you buy through links on our articles, Future and its syndication partners may earn a commission. Credit: Tom Wieckowski If ...
CBS News

Judge blocks Pentagon from labeling Anthropic AI a "supply chain risk" and halts Trump's ban on federal use

A judge has blocked the Trump administration from labeling Anthropic a "supply chain risk" and cutting off all federal work with the artificial intelligence firm, an early win for Anthropic in its ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
Democracy Now

Speeding Up the “Kill Chain”: Pentagon Bombs Thousands of Targets in Iran Using Palantir AI

As the U.S.-Israeli war on Iran continues, we look at how the Pentagon is using artificial intelligence in its operations. The system, known as Project Maven, relies on technology by Palantir and also ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...