LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of credential-harvesting malware to thousands of AI developers.

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude (Opus 4.5) and a third-party asset management platform. The idea is simple: ...

Claim your complimentary copy (worth $28) of "Between You and AI: Unlock the Power of Human Skills to Thrive in an AI-Driven World" for free, before the ...

Supply chain attacks feel like they're becoming more and more common.

If you're a cybersecurity enthusiast or ethical hacker who wants to learn more about building hacking tools, this book is for ...

Learn how to automate your Git workflow and environment variables into a single, error-proof command that handles the boring ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Send a note to Doug Wintemute, Kara Coleman Fields and our other editors. We read every email. By submitting this form, you agree to allow us to collect, store, and potentially publish your provided ...

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain ...