News

The Hacker News8d

Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

PyPI malware termncolor and colorinal downloaded 884 times exploit DLL side-loading, persistence, and C2 communication.

Nearly half of all code generated by AI found to contain security flaws - even big LLMs affected

Nearly half (45%) of AI-generated code contains security flaws despite appearing production-ready, new research from Veracode has found.