CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
DataBreachToday

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

These Hackers Launched A ‘Nightmare’ Attack On AI Developers

TeamPCP hackers say AI helped them launch a devastating spree of attacks. But they wouldn’t have succeeded if developers’ security hadn’t been so weak in the first place.
Dark Reading

Intermediaries Driving Global Spyware Market Expansion

Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a study finds.

I built a web page with OpenAI’s Codex in 5 minutes. Here’s how

PCWorld demonstrates how OpenAI’s Codex can generate a complete personal homepage in just 56 seconds using simple prompts and ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...
Scientific American

The hacked cameras behind the wave of assassinations in Iran

Security feeds and traffic cameras have helped guide some of the most audacious targeted killings in modern history. Security ...
Infosecurity Magazine

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code ...

Internet Yiff Machine: We hacked 93GB of “anonymous” crime tips

P3 Global Intel claims that it has “quickly become the new standard in tip management for Crime Stoppers programs, [Law ...

Silicon Valley’s two biggest dramas have intersected: LiteLLM and Delve

LiteLLM offers an AI open source project used by millions that was infected by credential harvesting malware.

Malware in an Open-Source Project Could Have Infected Thousands. The Twist? It Was Certified by Delve

For a short window on Tuesday, two versions of a popular open-source project from LiteLLM contained malware, designed to steal all sorts of login credentials. A researcher discovered it after it ...