JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
InfoWorld

Python isn’t always easy

How to overcome a few of the harder stasks in Python, such as creating stand-alone Python apps, backing up SQLite databases, ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
InfoWorld

The best new features in Python 3.15

Highlights of Python 3.15, now available in beta, include lazy imports, faster JITs, better error messages, and smarter ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...
The Hacker News

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.
The Hacker News

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...