The Hacker News

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with ...
CNX Software

Ubo Pod – A Raspberry Pi 4/5-based personal AI assistant (Crowdfunding)

The Ubo Pod Developer Edition (DE) is an open-source AI vision and conversational voice assistant platform built around the ...

Python releases version 3.14 – with cautious free-threaded support

The Python team has released version 3.14, with big new features including free threading support, the ability to use ...
The Hacker News

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Malicious PyPI package soopsocks downloaded 2,653 times before takedown, exfiltrating Windows data to Discord.

Socket will block it with free malicious package firewall

Socket Firewall Free builds upon the company's safe npm tool by extending scanning capabilities beyond the ...
marktechpost

Qwen3-ASR-Toolkit: An Advanced Open Source Python Command-Line Toolkit for Using the Qwen-ASR API Beyond the 3 Minutes/10 MB Limit

# International endpoint key export DASHSCOPE_API_KEY="sk-..." Qwen3-ASR-Toolkit turns Qwen3-ASR-Flash into a practical long-audio pipeline by combining VAD-based segmentation, FFmpeg normalization ...
GitHub

command:python.interpreterPath suddenly resolving incorrectly

I've been using the same launch.json without issue for a good while now within my project. Suddenly command:python.interpreterPath is resolving to homebrew python rather than the .venv python ...
IEEE

OSPtrack: A Labeled Dataset Targeting Simulated Execution of Open-Source Software

Abstract: Open-source software serves as a foundation for the internet and the cyber supply chain, but its exploitation is becoming increasingly prevalent. While advances in vulnerability detection ...