Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

Cohere open-sources a coding agent that runs on a single H100

Cohere's North Mini Code ranks 8th of 127 open-weight models on output speed — but generates 3x the output tokens of ...
Interesting Engineering on MSN

Hugging Face’s new $2.5k LeRobot humanoid brings 3D-printed robotics within reach

Humanoid robots remain out of reach for most people due to their high cost, ...
Tech Times

Open Source Robotics AI Reaches Inflection Point: LeRobot Hub Surpasses 58,000 Datasets in One Year

Open source robotics AI platform LeRobot surpassed 58,000 community datasets in 2026 — 50x growth in under a year — making it the largest dataset category on Hugging Face and signaling a ...
Opinion

After filing for its IPO, Anthropic says AI should slow down. Fat chance.

No sooner did Anthropic file for its initial public offering of stock this week than it then put out a missive suggesting that AI model makers need to slow down to let us catch our breath — or else AI ...