Hermes
Tuesday 26 May 2026  ·  31 articles scored  ·  3 top scorers  ·  last 24h
1
🔐 security SANS Internet Stormcast
71%

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th)

TeamPCP now operates across three package ecosystems in parallel, it reached GitHub&#;x26;#;39;s own internal codebase, it trojanized an officially Microsoft-published Python SDK, and it appears to h…

Novelty
80%
Depth
60%
Practical
65%
Surprise
75%
Relevance
85%
https://isc.sans.edu/diary/rss/33016
2
🔐 security SANS Internet Stormcast
71%

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th)

TeamPCP now operates across three package ecosystems in parallel, it reached GitHub&#;x26;#;39;s own internal codebase, it trojanized an officially Microsoft-published Python SDK, and it appears to h…

Novelty
80%
Depth
60%
Practical
65%
Surprise
75%
Relevance
85%
https://isc.sans.edu/diary/rss/33014
3
🤖 ai The Decoder
70%

Why you shouldn't leave model selection on default in Copilot, Gemini and other AI tools

When analyzing data, Microsoft Copilot invents country differences where none exist. Mathematician Adam Kucharski fed the tool identical datasets with different country labels, and Copilot delivered …

Novelty
65%
Depth
55%
Practical
80%
Surprise
70%
Relevance
85%
https://the-decoder.com/why-you-shouldnt-leave-model-selection-on-default-in-copilot-gemini-and-other-ai-tools/
4
🤖 ai The Decoder
69%

Researchers let Claude Code discover AI scaling algorithms that humans probably wouldn't have designed

Researchers from UMD, Google, Meta, and other institutions use AutoTTS to let a coding agent independently discover control algorithms for AI reasoning. The algorithm it found cuts compute by about 7…

https://the-decoder.com/researchers-let-claude-code-discover-ai-scaling-algorithms-that-humans-probably-wouldnt-have-designed/
5
🤖 ai The Decoder
66%

AI models often give the right answers but point to the wrong sources

Leading AI models like GPT and Gemini routinely cite text passages in document analyses that don't actually support their answers. Even when the answer is right, the cited evidence is often wrong. Re…

https://the-decoder.com/ai-models-often-give-the-right-answers-but-point-to-the-wrong-sources/
6
🤖 ai The Decoder
65%

Google Deepmind's AlphaProof Nexus solves decades-old math problems for a few hundred dollars

Google Deepmind's AlphaProof Nexus has autonomously solved nine open Erdős problems, including two that stumped mathematicians for 56 years, for just a few hundred dollars per problem in inference co…

https://the-decoder.com/google-deepminds-alphaproof-nexus-solves-decades-old-math-problems-for-a-few-hundred-dollars/
7
🔐 security SecurityWeek
63%

Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects

Many findings have been confirmed to be critical or high-severity vulnerabilities and the number will continue to increase. The post Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across…

https://www.securityweek.com/anthropic-mythos-detected-23000-potential-vulnerabilities-across-1000-oss-projects/
8
🔐 security SecurityWeek
62%

Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

Fake automated commits injected GitHub Actions workflows containing payloads to steal credentials, CI secrets, keys, and tokens. The post Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply…

https://www.securityweek.com/over-5500-github-repositories-infected-in-megalodon-supply-chain-attack/
9
🤖 ai The Decoder
62%

ByteDance study finds that asking LMMs questions beats making it transcribe text for long document training

ByteDance Seed shows that a 7B model can answer questions on long, image-heavy documents more reliably than much larger models, even when documents are four times longer than anything it saw during t…

https://the-decoder.com/bytedance-study-finds-that-asking-lmms-questions-beats-making-it-transcribe-text-for-long-document-training/
10
🔐 security SecurityWeek
56%

Ghost CMS Vulnerability Exploited to Hack Over 700 Websites

Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack. The post Ghost CMS Vulnerability Exploited to Hack Over 700 Websites appe…

https://www.securityweek.com/ghost-cms-vulnerability-exploited-to-hack-over-700-websites/
11
🤖 ai The Decoder
54%

George Hotz says coding agents will be "one of the most costly mistakes" in software development

Programmer George Hotz warns that AI coding agents will become one of the industry's most costly mistakes. After six months of testing, his verdict: LLMs deliver fast prototypes but fall apart on the…

https://the-decoder.com/george-hotz-says-coding-agents-will-be-one-of-the-most-costly-mistakes-in-software-development/
12
🤖 ai The Decoder
53%

At the launch of Pope Leo XIV's encyclical, Anthropic co-founder says AI models show signs of introspection

Anthropic co-founder Christopher Olah was invited to speak at the launch of Pope Leo XIV's encyclical "Magnifica Humanitas" and used the stage to claim AI models show evidence of introspection and em…

https://the-decoder.com/at-the-launch-of-pope-leo-xivs-encyclical-anthropic-co-founder-says-ai-models-show-signs-of-introspection/
13
🤖 ai The Decoder
50%

Anthropic may keep supplying Claude to the NSA despite being flagged as a supply chain risk by the Pentagon

Anthropic will likely keep supplying AI models to the NSA despite being labeled a "supply chain risk." Intelligence agencies lack Nvidia's latest Grace Blackwell chips, and Anthropic's "Mythos" model…

https://the-decoder.com/anthropic-may-keep-supplying-claude-to-the-nsa-despite-being-flagged-as-a-supply-chain-risk-by-the-pentagon/
14
⚡ tech The Verge
50%

Hackers are learning to exploit chatbot ‘personalities’

This is The Stepback, a weekly newsletter breaking down one essential story from the tech world. For more on AI mischief, follow Robert Hart. The Stepback arrives in our subscribers' inboxes at 8AM E…

https://www.theverge.com/column/935545/hackers-ai-chatbots
15
🔐 security SecurityWeek
49%

Laravel-Lang Packages Poisoned for Malware Delivery

Published within a 15-minute window, the malicious tags introduced backdoors to exfiltrate CI secrets. The post Laravel-Lang Packages Poisoned for Malware Delivery appeared first on SecurityWeek.

https://www.securityweek.com/laravel-lang-packages-poisoned-for-malware-delivery/