Biometric Update

NIST releases latent fingerprint biometrics training data, quality assessment software

The training data and open source fingerprint quality assessment software will help improve the performance of matching ...
The Hacker News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

This App Makes Even the Sketchiest PDF or Word Doc Safe to Open

When somebody sends you a document as an attachment, don't just open it. Use the free tool Dangerzone to scrub it clean of ...

Self-propagating malware poisons open source software and wipes Iran-based machines

A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before ...

Malware in an Open-Source Project Could Have Infected Thousands. The Twist? It Was Certified by Delve

McMahon wrote that the malware was likely vibe coded, and sloppily at that, leading to the so-called “fork bomb” that crashed ...
ZDNet

Why AI is both a curse and a blessing to open-source software - according to developers

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...

Anthropic’s Claude can now control your Mac, escalating the fight to build AI agents that actually do work

Anthropic has given Claude the ability to control a Mac, marking a major step in the AI agent race and raising new questions ...
Engadget

NVIDIA is reportedly working on its own open-source AI agent platform

NVIDIA is reportedly working on its own open-source AI agent platform, according to Wired. The chipmaker has been pitching the product to enterprise software companies. Reporting indicates it's going ...
Mirage News

NIST Aids Fingerprint Examiners With New Tools

NIST's fingerprint dataset SD 302 includes 10,000 fingerprint images, including this one from the sticky side of a postage stamp. The dataset is now ...

Axios npm hack used fake Teams error fix to hijack maintainer account

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers ...
HealthcareInfoSecurity

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

TeamPCP hackers deface Aqua Security's internal GitHub

Aqua Security is scrambling to recover from supply chain attacks that first compromised the vendor's Trivy vulnerability scanner, and which have now seen threat actor TeamPCP breach its internal ...