Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.
Communications of the ACM

A Decade of Docker Containers

Docker is a widely used developer tool that first simplifies the assembly of an application stack (docker build), then allows for the rapid distribution of the resulting executabl ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
InfoWorld

How to choose the best LLM using R and vitals

Use the vitals package with ellmer to evaluate and compare the accuracy of LLMs, including writing evals to test local models ...
GitHub

Python package to develop applications with Dispatch.

Dispatch differs from alternative solutions by allowing developers to write simple Python code: it has a minimal API footprint, which usually only requires using a function decorator (no complex ...
Security Boulevard

Hackers Use LLM to Create React2Shell Malware, the Latest Example of AI-Generated Threat

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine cryptocurrency. It's the latest example of bad actor's using AI to create ...
GitHub

PyPLUTO: a data analysis Python package for the PLUTO code

PyPLUTO is a Python library which loads and plots the data obtain from the PLUTO code simulations. The aim of this package is to simplify some non-trivial python routines in order to quickly recover ...