A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...

Anaconda Inc., the trusted foundation for AI-native development, today announced the acquisition of Outerbounds, the company behind Metaflow, the open source AI/ML orchestration framework trusted by ...

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...

This was not a case of stolen credentials, but rather of vulnerability exploitation.

The open-source package elementary-data, with over a million downloads per month, has been compromised. Attackers exploited a vulnerability in a GitHub ...

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Google launches AI agent suite at Cloud Next 2026 with Workspace Studio, A2A protocol at 150 orgs, and Project Mariner. The pitch: only Google owns the full stack.

This study highlights the potential for using deep learning methods on longitudinal health data from both primary and ...