← Back to Blog

AI News Digest: July 18, 2026

Daily roundup of AI and ML news - 8 curated stories on security, research, and industry developments.

Here's your daily roundup of the most relevant AI and ML news for July 18, 2026. Today's digest includes 3 security-focused stories. Click through to read the full articles from our curated sources.

Security & Safety

1. Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT

Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of a software supply chain attack.

The malicious package campaign, codenamed ViteVenom by Checkmarx, marks an expansion of ChainVeil, which was observed using...

Source: The Hacker News (Security) | 19 hours ago

2. New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code

Updated July 18, 2026: the two flaws now carry CVE IDs, the full mechanism has been published, a persistent-object-cache condition has surfaced, and a working proof-of-concept is public. The story below reflects all of it.

An anonymous HTTP request can run code on a WordPress site. The bug is in...

Source: The Hacker News (Security) | 16 hours ago

3. OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests

Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a message that never arrives. On the glibc systems Okta tested, that memory is gone until the process restarts.

OpenSSL shipped the HollowByte fix in June with no CVE, no advisory, and no changelog entry poin...

Source: The Hacker News (Security) | 17 hours ago

HuggingFace & Models

4. Fine-tune video and image models at scale with NVIDIA NeMo Automodel and 🤗 Diffusers

Source: HuggingFace Blog | 22 hours ago

Tech & Development

5. Prompt Injection Attacks Are Thwarting AI Hacking Agents

“Context bombing” tricks malicious AI agents into shutting down before they can do harm.

Source: Wired - AI | 5 hours ago

6. The Htop for LLM Inference

Article URL: https://github.com/helasaoudi/llm-inspector Comments URL: https://news.ycombinator.com/item?id=48956776 Points: 4

Comments: 1

Source: Hacker News - AI | 3 hours ago

7. Show HN: ride-recap, teaching a LLM my taste to automate cycling highlights

TL;DR: Turn hours of raw GoPro footage + a .fit file into a 60-second highlight reel with ride telemetry burned in. Every second of the ride is scanned by gemini-3.5-flash, as is the clip ranking + curation. The whole thing costs about $0.04 per ride and takes 10 minutes.Longer version: Road cycl...

Source: Hacker News - AI | 1 hours ago

8. What if restaurant menus had AI copilots?

I have a small bakery called Delis Croissants in Amol, Iran. I beleive we have the most delicious croissants in the world so we need a cool digital menu as well but I couldn't find a digital menu I liked, so I asked claude code to built my own: Rumizi. Rumizi is Persian for tablecloth, the thing ...

Source: Hacker News - AI | 2 hours ago


About This Digest

This digest is automatically curated from leading AI and tech news sources, filtered for relevance to AI security and the ML ecosystem. Stories are scored and ranked based on their relevance to model security, supply chain safety, and the broader AI landscape.

Want to see how your favorite models score on security? Check our model dashboard for trust scores on the top 500 HuggingFace models.