The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

I've used Linux for 30 years - 4 frustrations remain, including 2 that may push me to MacOS

I've used Linux for 30 years - 4 frustrations remain, including 2 that may push me to MacOS ...

High-severity vulnerability in Linux caused by a single faulty character

Researchers have analyzed a high-severity vulnerability in Linux that’s able to escalate untrusted users to root by ...

How to try out over 85 Linux distros, no installation required - with DistroSea

How to try out over 85 Linux distros, no installation required - with DistroSea ...
InfoWorld

Pyrefly 1.0: A fast, forward-looking Python linter

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
The Hacker News

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

CVE-2026-23111 is a Linux kernel nf_tables use-after-free that lets an unprivileged local user escalate to root and escape a ...

DIY Handheld LattePanda Linux Cyberdeck Build Guide from Scratch

Discover the hardware and software secrets behind building a powerful, portable Linux PC that fits right in your hands.
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...