Fake OpenAI repository on Hugging Face pushes infostealer malware

A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...

10 trillion downloads are crushing open-source repositories - here's what they're doing about it

Companies are treating these repositories like content delivery networks - now the Linux Foundation and colleagues are saying ...
The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...

SilverFox targets users in India with fake IT department phishing attacks

Cybersecurity firm Kaspersky attributed a global wave of phishing attacks to the SilverFox threat group masquerading as tax ...
The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

Moderne Expands Agent Tools Platform with C# Support for Deterministic .NET Transformation

Moderne, the Agent Tools company for AI-driven software engineering, today announced C# language support across its platform, extending deterministic, large-scale code transformation to .NET codebases ...

What you'll pay for AI agents will be wildly variable and unpredictable

A test of leading AI agents found vastly different amounts of tokens consumed with no transparency and no guarantees of ...
Vanguard

Etchie builds AI tools to improve students learning of software engineering

Etchie builds AI tools to improve students learning of software engineering In the evolving world of software development, ...
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
InfoWorld

12 model-level deep cuts to slash AI training costs

Stop throwing money at GPUs for unoptimized models; using smart shortcuts like fine-tuning and quantization can slash your ...
Decrypt

You Installed Hermes. Now Make It Look Better Than ChatGPT or Claude

The terminal is fine. But if you actually want to live in your Hermes agent, here are the four best GUIs the community has ...
i-SCOOP

SubQ by Subquadratic, the end of AI memory hacks?

SubQ by Subquadratic claims a 12 million token context window with linear scaling. Here is what it means for RAG, coding ...