PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
XDA Developers on MSN

5 open-source developer tools that are better than their well-funded competitors

Better than billion-dollar software.
The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...