The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
Two research teams mined genomic data from bacteria to create databases containing thousands of antiviral defence proteins ...
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
This technique can be used out-of-the-box, requiring no model training or special packaging. It is code-execution free, which ...
The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...
The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Uploads bring prompts and responses, but not project files, attachments, or AI-generated images. The rollout skips the UK, ...
TeamPCP strikes again, with almost identical code to LiteLLM.
FOLIO released a number of new tools designed to help organizations adopt and use shared terminology for legal matters. The ...
Malicious telnyx 4.87.1/4.87.2 releases on PyPI used audio steganography on March 27, 2026, enabling cross-platform credential theft.
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...