200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL ...
i-scoop.eu

OpenFang: The Agent Operating System

Building autonomous AI agents has, until recently, felt like assembling a fragile house of cards. You stitch together Python libraries, wrestle with dependency conflicts, and cross your fingers that ...
Ars Technica

Hugging Face, the GitHub of AI, hosted code that backdoored user devices

Code uploaded to AI developer platform Hugging Face covertly installed backdoors and other types of malware on end-user machines, researchers from security firm JFrog said Thursday in a report that’s ...
InfoWorld

Intro to PyScript: Run Python in your web browser

PyScript lets you run Python scripts right in the browser, side by side with JavaScript, with two-way interaction between your code and the web page. Created by Anaconda and launched in April 2022, ...
GitHub

Cannot install python package (acryl-datahub) into Python 3.12 environment

Obtaining dependency information for acryl-datahub from https://files.pythonhosted.org/packages/8f/49/51e6fa1bc0182b7aa91f54df5c14a55676b2756f3ca0e81168c8d52bfb1a ...