The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
The Florida Times-Union

Key Food Jax opens newest grocery store in Jacksonville's Westside

A new grocery store, Key Food Jax, has opened on Jacksonville’s Westside. The store offers fresh produce, a full-service meat department and a wide range of international products. It also features a ...
Indiatimes

Tesla's former VP Andrej Karpathy shares AI coding 'horror', 'Python supply chain attack' that could have wiped millions of SSL private keys, database passwords, more; and Elon ...

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack "software horror"—and the details are genuinely alarming. A compromised version of LiteLLM ...
CNX Software

Bee Write Back – A Raspberry Pi Zero 2 W-based DIY writerdeck with 5.5-inch OLED and mechanical keyboard

Based on Raspberry Pi Zero 2 W, the Bee Write Back writerdeck is another DIY project that should be relatively easy to ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
CNX Software

ESP32-S3 gets post-quantum encryption with Aethyr Edge Node open-source firmware

Aethyr Research has released post-quantum encrypted IoT edge node firmware for ESP32-S3 targets that boots in 2.1 seconds and ...
The New York Times

U.S. Tells Citizens to Leave Iraq After Second Attack on Embassy

An Iran-backed militia took responsibility for an overnight attack on the U.S. Embassy in Baghdad. President Trump called on other nations to help escort oil tankers through the Strait of Hormuz.
The New York Times

Kuwaiti Tanker Full of Oil Struck Off Dubai Day After Trump’s Threats

Kuwaiti Tanker Full of Oil Struck Off Dubai Day After Trump’s Threats The vessel caught fire and sustained damage, its owner said on Tuesday, adding that there was the potential for an oil spill in ...