3月24日，月均安装量达9500万次的开源AI工具LiteLLM在PyPI仓库发布的两个版本（1.82.7和1.82.8）遭供应链投毒。这两个恶意版本携带复杂的三阶段攻击负载，能窃取SSH密钥、云凭据等敏感数据，并利用.pth文件实现自动触发，隐蔽性 ...

近日，开源AI API网关LiteLLM遭遇供应链投毒事件，引发全球开发者社区高度关注。作为支撑数千家企业AI架构的核心工具，该平台每月安装量高达9500万次，支持通过统一接口调用OpenAI、Anthropic等100余家服务商的API服务。此次攻击导致两个恶意版本（1.82.7和1.82.8）在PyPI官方仓库短暂发布，现已被紧急撤下。

The latest fake Zoom meeting scam silently pushes surveillance software onto the Windows computers of unwitting employees. That’s according to researchers at Malwarebytes, who warn that staff falling ...

Keenadu infiltrated devices by posing as legitimate system components, prompting calls for tighter controls on firmware integrity across manufacturing and supply‑chain pipelines. There’s too little a ...

A professional-grade Python middleware that seamlessly integrates with LiteLLM to provide automatic usage tracking, billing analytics, and comprehensive metadata collection. Features drop-in ...

Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage. Sometimes a ...

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...

Section 1. Purpose. Unbeknownst to many Americans, two foreign-owned proxy advisors, Institutional Shareholder Services Inc. and Glass, Lewis & Co., LLC, play a significant role in shaping the ...

WASHINGTON, DC - AUGUST 20: A sign masks the location of the Federal Trade Commission (FTC) headquarters building on August 20, 2025, in Washington, DC. (Photo by J. David Ake/Getty Images) The FTC’s ...

WASHINGTON (AP) — House Speaker Mike Johnson exercised his power of the gavel Tuesday in an unusually aggressive effort to squash a proposal for new parents in Congress to be able to vote by proxy, ...