The Hacker News

The State of Trusted Open Source Report

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...
Computer Weekly

PyTorch Foundation lights up welcomes for Helion & Safetensors

The PyTorch Foundation also welcomed Safetensors as a PyTorch Foundation-hosted project. Developed and maintained by Hugging ...
CIOL

OpenAI Astral Acquisition Brings Codex Closer to Python Developer Workflows

OpenAI is moving a step deeper into the software development stack with its planned acquisition of Astral, a company known for building widely used open-source Python developer tools. The move is less ...
InfoWorld

Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents

The open-source project maps directly to OWASP’s top 10 agentic AI threats, aiming to curb issues like prompt injection, ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
CNX Software

Raspberry Pi SBC gets (analog and) digital radio HAT with AM, FM, DAB, DAB+, HD radio

Yesterday, I wrote about a 2-year-old open-source hardware ESP32-based DAB+ receiver project, but it turns out there's also a ...
diginomica

PyTorch Foundation adds Helion and Safetensors - and the open AI stack gets a little harder to ignore

Mark Collier briefed me on two updates under embargo at KubeCon Europe 2026 last month: Helion, which opens up GPU kernel ...

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
Morning Overview on MSN

Vibe coding’s downsides are piling up, especially for open-source projects

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from open-source components with minimal human oversight, is creating hidden costs for ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

OpenAI acquires Astral, the Python startup whose tools run on millions of developer machines

OpenAI has acquired Astral, a startup whose essential Python development tools are used by millions. This strategic move aims to bolster OpenAI's Codex group, which faces competition from Anthropic's ...