Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

It’s always nice to simulate a project before soldering a board together. Tools like QUCS run locally and work quite well for ...

AI recruiting startup Mercor confirms supply chain attack via LiteLLM library compromise. Hackers claim 4TB of data including ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

Anthropic, the flagship AI company, has inadvertently exposed the source code for its major CLI tool Claude Code. It has ...

The incident has been described as one of the most significant code leaks in recent times, involving the exposure of Claude ...

How I used Gemini to replace YouTube's missing comment alerts - in under an hour ...