Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
Infosecurity Magazine

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
Dark Reading

Wartime Usage of Compromised IP Cameras Highlight Their Danger

Russia, Iran, Israel, Ukraine, and the US have all exploited IP-connected cameras to 'see' monitor adversaries, and private ...
Dark Reading

Attackers Hide Infostealer in Copyright Infringement Notices

A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to ...
Infosecurity Magazine

Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage

Researchers at Sekoia believe Silver Fox operates with dual objectives. Some campaigns appeared aligned with intelligence ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.

AI & Tech Brief: The cybersecurity gold rush

Cybersecurity and tech firms are positioning themselves to capture the exploding market for AI “governance.” Why leading ...
SecurityWeek

RSAC 2026 Conference Announcements Summary (Pre-Event)

A summary of the announcements made by vendors in the days leading up to the RSAC 2026 Conference. As hundreds of vendors ...
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
Bitdefender

Lapsus$ claims AstraZeneca breach exposes code and credentials

Alleged AstraZenea data leak raises concerns over internal access, source code exposure and follow-on cyber risks.
CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...
Security Info Watch

Opal Security Launches AI-Native Platform for Unified Access Governance

Opal Security unveils an AI-native platform designed to automate and unify access governance as organizations grapple with ...