Supply Chain Attacks

Feeds to Scour
SubscribedAll
Scoured 70 posts in 31.2 ms

Why Microsoft yanked its own code

 🔓Open Source Software
runtime.news·

Vulnerability and malware checks in uv

 Astral Tools  Content type: Blog
astral.sh··Lobsters, Hacker News, Hacker News

magenta/magenta-realtime: Magenta RealTime 2: An Open-Weights Live Music Model

 🆕New AI  Content type: Code
github.com·

For the 2nd time in weeks, Microsoft packages laced with credential stealer

 💻Coding Agents  Content type: News
arstechnica.com··Lobsters, Hacker News

Miasma Malware Hits 32 Red Hat Packages via Compromised GitHub Account

 🔄GitHub Actions
hackread.com·

Miasma Worm Hits Microsoft Again: Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack Targeting AI Coding Agents

 💻Coding Agents  Content type: Blog
stepsecurity.io··Hacker News

OpenTelemetry Django: Traces, Metrics and Database Monitoring

 💾Databases
uptrace.dev·

Meet Hades: The malware that lies to AI security agents

 💉Prompt Injection  Content type: News
infoworld.com··Hacker News

Code is being written everywhere, and the device is the only constant

 📋MCP  Content type: Blog
aikido.dev·

GOTabPFN: From Feature Ordering to Compact Tokenization for Tabular Foundation Models on High-Dimensional Data

 🔍Search Indexing  Content type: Academic
arxiv.org·

apache/arrow-nanoarrow: Helpers for Arrow C Data & Arrow C Stream interfaces

 📄File Formats  Content type: Code
github.com··Hacker News

What’s up Python? Pip supports locking, .pth files deprecated

 📦uv  Content type: News
bitecode.dev·

Her · हेर — a detective for your Claude Code sessions

 🔌Claude Plugins  Content type: Blog
huggingface.co·

GitHub disables Microsoft repos pushing password-stealing malware

 🔧Developer tools  Content type: News
bleepingcomputer.com··Hacker News

Lazarus Group Uses npm Brandjacking Campaign to Target Developers

 🔧Developer tools
hackread.com·

Finally, a Codex Python SDK — Here’s What It Actually Does

 Async/Await
pub.towardsai.net
·

Introduction - Rust for Python Programmers

 🦀Rust
microsoft.github.io··Hacker News

Devs know AI code is riddled with holes, but ship it anyway

 🔧Developer tools  Content type: News
theregister.com··Hacker News

npm Tooling Bug Incorrectly Marks One-Character Packages as Security Holders

 🏗️Build Systems  Content type: Blog
socket.dev·

Miasma Worm Targets AI Coding Agents via GitHub Repos

 💻Claude Code
safedep.io··Hacker News

Keyboard Shortcuts

Navigation

Next / previous item
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Browse
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help