Hackaday

PhantomRaven Attack Exploits NPM’s Unchecked HTTP URL Dependency Feature

Having another security threat emanating from Node.js’ Node Package Manager (NPM) feels like a weekly event at this point, ...
CSO Online

Malicious packages in npm evade dependency detection through invisible URL links: Report

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
SecurityWeek

OpenAI Atlas Omnibox Is Vulnerable to Jailbreaks

Researchers found a critical jailbreak in the ChatGPT Atlas omnibox that allows malicious prompts to bypass safety checks.
Beebom

Google Unveils Gemini 2.5 Computer Use That Clicks, Types, and Scrolls Like Humans

Google's latest Gemini 2.5 Computer Use AI model is designed to perform actions on web browsers and Android UIs. It outperforms OpenAI's Computer-Using AI Agent and Anthropic's Claude Sonnet 4.5 in ...
The New York Times

OpenAI Agrees to Use Computer Chips From AMD

Weeks after a $100 billion agreement to use computer chips from Nvidia, OpenAI has signed a similar deal with a rival chipmaker. By Cade Metz Reporting from San Francisco Late last month, OpenAI ...