Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...
Morning Overview on MSN

The AI-generated zero-day discovered by Google used clean 'textbook' Python code — a hallmark of large language model output

The exploit code was almost too neat. When Google’s Threat Intelligence Group flagged a previously unknown software ...
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...
Security Boulevard

Capsule Security Analysis Details Scope of Vulnerable AI Agent Attack Surface

Report reveals alarming security gaps in AI agents. Capsule Security analysis finds 402,599 unique AI agent hosts are reachable from the public internet. Worse, most are deployed without default ...

JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...