The Daily Northwestern

NU students help D65 5th graders turn Python code into music

Trumpet blares, fading sounds of heartbeats and a ringing alarm clock. These aren’t sound effects for a movie — rather, for ...

No, McDonald’s AI bot didn’t go rogue, but ‘prompt injection’ is still a risk for companies

Once the bot broke character, users had unrestricted, unpaid access to a premium language model directly through the Amazon ...
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Robbins ‘was bullied into clearing Mandelson appointment’

No 10 put the Foreign Office under “constant pressure” to clear Lord Mandelson for the appointment of US ambassador, Sir Olly ...
Spiceworks on MSN

Anthropic cancels launch of dangerous Claude Mythos model

Anthropic just built an AI model so dangerous it had to cancel the public launch. During pre-deployment testing, the company’s newest frontier model, Claude Mythos Preview, proved so adept at hunting ...
Geopolitical Monitor

Distributed Risk: Open-Source Software as Strategic Infrastructure

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Northwestern's McCormick School of Engineering

Building Solutions and Community at WildHacks 2026

Nearly 250 students representing 53 universities completed 68 innovative software projects during the WildHacks 2026 event ...
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...