Cybercriminals are exploiting the recent Claude Code source code leak to distribute Vidar malware via fake GitHub repositories.
North Korean hackers pushed out malicious updates to a popular open source project by hacking a top developer's computer in a ...
M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.
Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as ...
fern on MSN
Iran’s nuclear site was sealed off from the world - then the sabotage started from inside
Iran’s nuclear facility at Natanz was supposed to be beyond reach: buried underground, disconnected from the internet, and ...
Some projects need no complicated use case to justify their development, and so it was with [Janne]’s BeamInk, which mashes a ...
Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...
Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...
JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
LiteLLM Attack: How a Hacked Security Tool Became a Master Key to Thousands of AI Developer Machines
On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results