AI Pulse, Weekly
What shipped, what broke, and what to read next in machine learning. A weekly editorial brief.
Latest Analysis
-
Invisible Unicode Characters Enable Stealthy Supply-Chain Attacks on GitHub, NPM
Aikido Security researchers uncover 151 malicious packages using invisible Unicode code to evade detection, targeting GitHub, NPM, and Open VSX…
-
IP KVM Security Gaps Expose Networks to Physical-Level Breach Risks
Eclypsium researchers identify nine vulnerabilities in IP KVMs from four manufacturers, highlighting fundamental security failures that grant attackers BIOS/UEFI-level access.
-
FedRAMP Approved Microsoft’s GCC High Despite Internal Security Warnings
Federal cybersecurity evaluators described Microsoft’s Government Community Cloud High as a ‘pile of shit’ in internal reports, citing insufficient documentation…
-
Broadcom’s VMware Partner Cuts Spark EU Antitrust Complaint from Cloud Providers
A cloud service provider trade group has filed an EU antitrust complaint against Broadcom for shutting down VMware’s partner program,…
-
Trivy Vulnerability Scanner Compromised via Malicious Git Push in Supply Chain Attack
Aqua Security’s Trivy scanner has been compromised in a supply chain attack, with malicious dependencies pushed to most version tags,…
-
Launch Platform Partnership Advances Offshore Alpha Rocket Capability
Seagate Space and Firefly Aerospace sign memorandum to develop offshore launch system for Alpha rocket, enabling new orbital access.