CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.
heise online

Ghostling makes terminal emulation a C library

With Ghostling, the Ghostty project has released a reference implementation that makes the core of the terminal emulator usable as a standalone C library. In theory, terminal emulation thus becomes a ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
eLife

Audiovisual cues must be predictable and win-paired to drive risky choice

Sensory cues increase risky choice when paired with wins but reduce risky choice when paired with losses, with parallel shifts in sensitivity to negative outcomes.