GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

IIT Delhi opens admissions for online applied AI, ML and decision science course 2026

IIT Delhi has announced admissions for its Applied AI, ML and Decision Science Programme, an eight-month online certification ...

Java's Project Valhalla finally lands a preview in JDK 28

Don't hold your breath, though – architect Brian Goetz warns devs it will likely still be preview in next LTS release ...
eWeekOpinion

Anthropic Hits the Self-Coding Panic Button

To stop this from spiraling, Anthropic calls for a verifiable, industry-wide pause—a kind of AI arms-control treaty—because ...
Tech Times

Agentic AI Security Alarm at Infosecurity Europe: Free LLM Now Powers Adaptive Worm

Agentic AI security dominated Infosecurity Europe 2026 as Toronto researchers proved a free open-weight AI worm can ...
WeLiveSecurity

OceanLotus: From external espionage to domestic targeting

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
CSO Online

Google’s Vertex AI SDK could allow RCE through bucket squatting

Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and ...

Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...
InfoQ

Why Vector Search Alone Isn't Enough: Hybrid Retrieval for RAG

In this article, author Aaditya Chauhan discusses the limitations of RAG pipelines based purely on vector search and how an ...