New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Fireship on MSN

Why Anthropic's purchase of Bun surprised everyone

In a surprise twist, Anthropic has acquired Bun, the popular JavaScript runtime, igniting discussions within the developer ...
theregister

Anthropic’s Bun Rust rewrite merged at speed of AI

A pull request with a Rust version of Anthropic’s Bun, a JavaScript toolkit and runtime originally written in Zig, has been merged to the main Bun repository. This comes just days after its author, ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the ...
GitHub

Update Bun runtime description from Zig to Rust # 30746

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
techzine

Bun takes a surprising step from Zig to Rust

The developers of the JavaScript runtime Bun have decided to largely rewrite the platform in Rust. In doing so, the project is moving away from Zig, the programming language that made Bun famous in ...