The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

AI bots could outnumber humans online by 2027, warns Cloudflare CEO

As AI agents scour thousands of websites in seconds, bot traffic could soon dominate the internet, raising concerns over ...
InfoWorld

OpenAI buys non-AI coding startup to help its AI to program

OpenAI on Thursday announced the acquisition of Astral, the developer of open source Python tools that include uv, Ruff and ty. It says that it plans to integrate them with Codex, its AI coding agent ...

Integration into Codex: OpenAI acquires startup Astral

With the acquisition of Python tool developer Astral, OpenAI is expanding its commitment in the coding sector and aims to further develop its Codex platform.

Here’s how to vote in Texas’ May 26 primary runoff elections

Voters will decide over 30 races, including a nationally watched battle between John Cornyn and Ken Paxton. The registration ...

‘The Karpathy Loop’: Former OpenAI researcher’s autonomous agents ran 700 experiments ...

Karpathy's 'autoresearch' agent did not improve its own code, but it points towards systems that could as well as towards way ...
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
TweakTown

Elgato Stream Deck+ XL shown running the original DOOM game with controller

A developer has used OpenAI Codex to successfully port the original DOOM game over to Elgato's Stream Deck+ XL, and even a controller can be used.