PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
Gizmodo

Books & Comics

The next book in the series, 'Platform Decay,' arrives in May, and there's a second season of the Apple TV adaptation on the way too. His many accomplishments include co-creating the Punisher and the ...