The Hacker News

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

CVE-2026-31431 exploited in Linux since 2017, enabling root access via simple PoC, increasing container and cloud risks.

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents

Do we even need Anthropic or OpenAI's top models, or can we get away with a smaller local model? Sure, it might be slower, ...
Phys.org

New open-source Python-based software boosts space-weather modeling

University of Birmingham experts have created open-source computer software that helps scientists understand how fast-moving particles behave when they interact with electromagnetic waves in space.
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
AZ Animals

The Snake That Lays Up to 80 Eggs and Shivers to Warm Them

Reticulated pythons sometimes need a little assistance getting out of their eggs when hatching. Read here to learn more.

The things we’re building

For the last couple of weeks, I’ve been asking you to share the things you’ve been making recently. Apps, games, albums, ...

"Copy Fail" is a rare Linux bug that can turn an unprivileged user into a root admin in seconds

Copy Fail could represent a significant security risk in the making. The vulnerability was discovered by researchers at ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who have found exploitable instances in many commercial services and open-source ...

INTERVIEW | 'Snakebite accidental, indiscriminate killing can scuttle bio-balance': Kerala forest officer

Amid an intense summer, Kerala is witnessing a spike in snakebite deaths – seven within the past two weeks – which has spread ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...