Holistic’s open-source tools counter AI development risks

Woman punching illustrating the launch of Holistic AI open-source tools to counter artificial intelligence software development risks and algorithmic bias.

Holistic has unveiled an open-source library to help counter AI development risks and build fairer and more responsible systems.

The library – dubbed Holistic AI OSL – arrives at a crucial moment when organisations are increasingly deploying AI systems across sensitive domains including recruitment, healthcare, and financial services. Recent studies suggest that 65% of AI researchers and developers still consider bias a significant challenge in their work.

Holistic...

23 October 2024 | Artificial Intelligence

Entry points threaten multiple open-source ecosystems

Sign illustrating how vulnerabilities with entry points can be exploited by hackers to threaten open-source packages of multiple programming ecosystems.

While current tools have improved at detecting common tactics for exploiting open-source packages, a feature remains largely overlooked: entry points.

Security researchers at Checkmarx uncovered how attackers can leverage entry points across multiple programming ecosystems, with a particular focus on PyPI, to trick victims into running malicious code. This method – while not allowing for immediate system compromise – offers a subtler approach for patient attackers to...

14 October 2024 | Developer

North Korean hackers target developers in latest npm attack wave

A fresh offensive by suspected North Korean hacking groups has targeted the open-source software community with a series of malicious packages uploaded to the npm repository.

Identified by cybersecurity firm Phylum, the attacks leverage multiple techniques and appear designed to steal cryptocurrency and sensitive data from unsuspecting developers.

The campaign began on 12th August and involves several distinct publication patterns and attack types, suggesting the...

29 August 2024 | Developer

SQL, Python, and Java most sought-after skills

SQL, Python, and Java remain the most sought-after programming skills by employers, according to new research from System Design School. The study analysed job listings on Glassdoor, revealing the languages most frequently cited as required skills.

"In today's competitive job market, having the right skills is more important than ever, and this data provides clear evidence of the programming languages employers are seeking,” commented Sheldon Chi, ex-Google engineer and creator...

19 August 2024 | Developer

SlashData: Rust sees fastest growth, JavaScript still dominates

According to SlashData's findings, the JavaScript community grew by an impressive four million users in the past 12 months, solidifying its status as the most widely-used programming language globally.

Here is a breakdown of the size of various programming language communities:

JavaScript: 25.2 million developers Python: 18.2 million developers Java: 17.7 million developers C++: 11.6 million developers C#: 10.2 million developers PHP: 9.8 million...

12 June 2024 | Developer

Sonatype exposes malicious PyPI package ‘pytoileur’

Sonatype has exposed 'pytoileur', a malicious PyPI package designed to download and install trojanised Windows binaries capable of surveillance, commandeering persistence, and stealing cryptocurrency. This discovery is part of a broader, months-long "Cool package" campaign aimed at infiltrating the coding community.

Yesterday, an automated malware detection system operated by Sonatype, known as the Sonatype Repository Firewall, flagged a newly published PyPI package called...

29 May 2024 | Hacking & Security

Phylum uncovers targeted malware disguised in Python package

Phylum’s cybersecurity experts have detected a malicious payload embedded within a popular Python package on the PyPI repository. The package, named requests-darwin-lite, is an unauthorised variant of the widely-used requests library.

The requests-darwin-lite package was cleverly designed to emulate its legitimate counterpart but included a Go binary concealed within an oversized image file pretending to be a simple logo. This file – a PNG labelled as a sidebar image –...

13 May 2024 | Hacking & Security

GitHub updates Innovation Graph with latest developer trends

GitHub's Innovation Graph has been updated with data from Q4 2023, offering a comprehensive view of global developer activity over the past four years.

The latest findings highlight the increasing popularity of AI among developers, leading to a rise in project documentation. This trend is attributed to the widespread use of chat-based generative AI tools like GitHub Copilot Chat and ChatGPT.

"While we recognise that it's not a panacea, perhaps generative AI technologies...

10 April 2024 | Android

JetBrains launches 2024.1 with local AI code completion

JetBrains has released the 2024.1 updates for its IDEs with several major new features, headlined by full-line code autocompletion powered by local AI models.

The new full-line code completion functionality ensures code suggestions are processed entirely on the user's device, minimising latency and providing a seamless offline experience.

“We’ve developed models that run directly on your device, and the IDE verifies each suggestion,” explained Mikhail Kostyukov,...

4 April 2024 | Artificial Intelligence

Python skills ‘increasingly essential’ to dev teams venturing into advanced AI

Python’s status as the primary language for AI and machine learning projects, from its extensive data-handling capabilities to its flexibility and portability, is well-founded. Just how well-founded can be seen in new user data from Snowflake.

The cloud data provider reported that, year on year, use of Python grew 571% in Snowpark, Snowflake’s set of libraries which securely deploy and process non-SQL code. In other words, it will not be a surprise to see Python, Scala and...

3 April 2024 | Artificial Intelligence