Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Netflix wiz creates app to slash AI bills, then open sources it

As the COOs from both Uber and Microsoft recently learned, encouraging company engineers to use AI aggressively can lead to ...
Tech Times

AI Agent Discovery Gets Open DNS Standard: DNS-AID Launches Under Linux Foundation

AID, launched under the Linux Foundation, lets AI agents find each other through existing DNS infrastructure using SVCB ...

Beyond RAG: Why every AI search platform is now agentic and what that means for your content

AI search has outgrown simple RAG. Learn how today’s hidden AI retrieval systems decide whether your content gets surfaced or ...
CBS News

U.S. students' "reading recession" continuing but some places bucking the trend, report shows

Modesto, Calif. — Before every important test, teacher Nancy Barajas dims the lights, turns on a disco ball and blasts music from her playlist. Her sixth graders dance together as a "pre-celebration" ...
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Newsweek

Map Shows States Where Children’s Reading Scores Are Getting Worse

See more of our trusted coverage when you search. Prefer Newsweek on Google to see more of our trusted coverage when you search. A new national analysis from researchers at Harvard, Stanford and ...
Dark Reading

Google API Keys Remain Active After Deletion

Google API keys aren't completely inactive after users delete them, giving attackers a small but significant window to continue abusing them. Joe Leon, researcher at Belgian startup Aikido Security, ...
Polygon

A lost X-Files movie will premiere on Disney Plus next month

Before Ryan Coogler’s reboot of The X-Files arrives, Disney will be giving us a brand-new cut of the 2008 thriller The X-Files: I Want to Believe. According to a news release from Disney, the company ...