CSO Online

Malicious packages in npm evade dependency detection through invisible URL links: Report

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
eLife

Unbend: Correction of local beam-induced sample motion in cryo-EM images using a 3D spline model

This paper describes Unbend - a new method for measuring and correcting motions in cryo-EM images, with a particular emphasis on more challenging in situ samples such as lamella and whole cells. The ...
InfoWorld

OpenAI launches Aardvark to detect and patch hidden bugs in code

Currently in private beta, the GPT-5-powered security agent scans, reasons, and patches software like a real researcher, ...

Python rejects $1.5M grant from U.S. govt. fearing ethical compromise

The Python Software Foundation (PSF) has withdrawn its $1.5 million grant proposal to the U.S. National Science Foundation ...
CSO Online

Claude AI vulnerability exposes enterprise data through code interpreter exploit

Security researcher demonstrates how attackers can hijack Anthropic’s file upload API to exfiltrate sensitive information, ...
The Hacker News

OpenAI Unveils Aardvark: GPT-5 Agent That Finds and Fixes Code Flaws Automatically

OpenAI’s GPT-5 Aardvark scans, exploits, and patches software flaws autonomously—marking a leap in AI-driven cybersecurity.