CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
IEEE

Enhancing DDoS Detection: A Novel Real-World Dataset for Generalizable Cross-Domain Training

Abstract: Researchers working on DDoS detection encounter significant challenges, primarily due to the lack of robust datasets. Existing publicly available datasets are mostly synthetic, mixed, or ...
IEEE

Hybrid CNN-LSTM Model for DDoS Detection and Mitigation in Software-Defined Networks

Abstract: Software-Defined Networking (SDN) enhances programmability and control but remains highly vulnerable to distributed denial-of-service (DDoS) attacks. Existing solutions often adapt ...