The Register on MSN

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...
WGCU Public Media

Don’t toss it yet: How BounceBack Pickle revives dead pickleballs

One young entrepreneur, Dillon Rosenthal, 22, has come to a solution for the ignored plastic waste issue from pickleball.