CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...
Dark Reading

Wartime Usage of Compromised IP Cameras Highlight Their Danger

Russia, Iran, Israel, Ukraine, and the US have all exploited IP-connected cameras to 'see' monitor adversaries, and private ...

LiteLLM loses game of Trivy pursuit, gets compromised

Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the ...
NPR

'ChatGPT saved my life.' How patients, and doctors, are using AI to make a diagnosis

Start reading recent internet conversations about AI, and you'll find an anecdote that surfaces with increasing frequency: ChatGPT delivered lifesaving medical advice. "Three weeks ago I woke up from ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware ...

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
Hackaday

This Week In Security: Second Verse, Worse Than The First

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...
CSOonline

Microsoft develops a new scanner to detect hidden backdoors in LLMs

Microsoft’s research shows how poisoned language models can hide malicious triggers, creating new integrity risks for enterprises using third-party AI systems. Microsoft has developed a scanner ...