GovInfoSecurity

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing developers to credential theft, ...

These Hackers Launched A ‘Nightmare’ Attack On AI Developers

TeamPCP hackers say AI helped them launch a devastating spree of attacks. But they wouldn’t have succeeded if developers’ security hadn’t been so weak in the first place.

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

Apple made strides with iOS 26 security, but leaked hacking tools still leave millions exposed to spyware attacks

The common assumption among iPhone security experts has been that finding vulnerabilities and developing exploits for iOS was ...
Dark Reading

Intermediaries Driving Global Spyware Market Expansion

Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a study finds.
The Hacker News

Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception

Unmasking impostors is something the art world has faced for decades, and there are valuable lessons from the works of Elmyr de Hory that can apply to the world of defensive cybersecurity. During the ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...