Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.
A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
An AI agent just autonomously exploited a FreeBSD kernel vulnerability in four hours, signaling a fundamental shift in the ...
Read actionable advice for CISOs on securing AI, managing risk, and applying core security principles in today’s AI‑powered ...
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
Command injection in Codex and a hidden outbound channel in ChatGPT exposed risks of credential theft and covert data ...
1don MSN
Security experts discover critical flaw in OpenAI's Codex able to compromise entire organizations
Researchers managed to steal GitHub OAuth tokens by abusing a command injection vulnerability.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results