Decrypt

Anthropic Accidentally Leaked Claude Code's Source—The Internet Is Keeping It Forever

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

Xavier Dupont de Ligonnès: the manhunt for the ‘French Lord Lucan’

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Major compromise of the telnyx PyPI library could put millions of users at risk

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...
Opinion

HAL'S HEADLINES: Potholes same as last year but nothing like 2024

The article reports that 1,274 potholes had been reported by drivers, a slight increase from the previous year's 1,249, but nothing compared to 2024's 3,367 reported potholes. The article calls ...

Top LLM PyPl package compromised to steal user details - here's what we know

Popular Python package LiteLLM compromised in supply chain attack Malicious updates (v1.82.7, v1.82.8) deployed TeamPCP Cloud Stealer infostealer Attack harvested cloud credentials, Kubernetes secrets ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

OpenAI to buy Python toolmaker Astral to take on Anthropic; revamp product portofolio

OpenAI said on Thursday it will buy Python toolmaker Astral, as the ChatGPT maker seeks to strengthen its portfolio against ...
TechAnnouncer

Master Python with This Comprehensive Udemy Course

Get Python installed on your computer, no matter the operating system. Learn about Python’s data types like strings, lists, ...

For March, Patch Tuesday delivers fixes for 83 vulnerabilities

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.
Los Angeles Times

Speaker Johnson says he disapproves of Justice Department logging lawmaker searches of Epstein files

This is read by an automated voice. Please report any issues or inconsistencies here. Justice Department officials tracked lawmakers’ search histories while they reviewed Epstein investigation files ...