PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
eLife

New idtracker.ai rethinks multi-animal tracking as a representation learning problem to increase accuracy and reduce tracking time

Identification of each animal in a collective becomes possible even when individuals are never all visible simultaneously, enabling faster and more accurate analysis of collective behavior.
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
Polygon

What time does Genshin Impact version 'Luna 6' (6.5) release?

Genshin Impact patch 6.5 is coming soon, adding a new area to Mondstadt and introducing one new playable character to the gang. This update also has a special "Where Waves Meet the Reef" event, where ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
eLife

The long-range gene regulatory landscape of cerebellar granule neuron progenitors

Neuronal specification, expansion and differentiation are tightly regulated by the concerted actions of transcription and chromatin modifying factors that are recruited to regulatory elements in the ...