SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Another worrying macOS malware scheme has been discovered — here's how to stay safe

Malwarebytes discovered Infiniti Stealer - a new piece of malware targeting macOS devices.

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

H33 Launches HICS for Free: The First Trust-less Software Scoring Tool with Post Quantum ...

Free cryptographically verified code quality scoring for software procurement. The best software wins. Not the best ...

Patch now! Malicious code attacks on AI tool Langflow observed

A critical security vulnerability in Langflow allows attackers to push and execute malicious code on PCs. A security patch is ...
Security Boulevard

7 Enterprise Infrastructure Tools That Eliminate Months of Engineering Work

Discover 7 enterprise infrastructure tools that reduce engineering workload, speed deployment, and eliminate months of manual ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
SecurityWeek

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...
WinBuzzer

OpenAI Launches Plugin Marketplace for Codex with Enterprise Controls

OpenAI has launched a plugin marketplace for Codex with over 20 integrations from Slack, Figma, and Notion, adding enterprise ...