PolyShell attacks target 56% of all vulnerable Magento stores

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...
OfficeChai

LiteLLM Attack: How a Hacked Security Tool Became a Master Key to Thousands of AI Developer Machines

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

TP-Link warns users to patch critical router auth bypass flaw

TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow ...
Developer Tech

Isolating dynamic AI agent code execution with Cloudflare’s API

Securing dynamic AI agent code execution requires true workload isolation—a challenge Cloudflare’s new API was built to solve ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.