With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...

PewDiePie has released Odysseus, a free and open-source AI workspace that runs on a user’s own computer. The project is not a new AI model. Instead, ...

Proofpoint says Chinese cybercrime group TA4922 is using AI-assisted phishing and apparently LLM-developed malware, including ...

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and ...

The newrelic package instruments your application for performance monitoring and advanced performance analytics with New Relic. Pinpoint and solve Python application performance issues down to the ...

The Brickstorm backdoor and unidentified malware called Plenet and AgentPSD have been used by a Chinese espionage cell known ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.