CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

London AI Startup Coda One Launches Free Platform With 59 Productivity Tools, Taking Aim at Subscription Fatigue

United Kingdom, March 28, 2026 -- Coda One, a London-based AI startup, has launched a free online platform combining 59 AI writing, PDF, image, and developer tools under one roof. The platform ...
The Hacker News

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.

Direct Prompt Injection: How Attackers Manipulate LLM Input

Direct prompt injection occurs when a user crafts input specifically designed to alter the LLM’s behavior beyond its intended ...
TechJuice

LeakNet Ransomware Tricks Victims Into Infecting Themselves Through Hacked Websites

LeakNet ransomware uses ClickFix attacks on hacked sites to trick users into running malicious commands and stealing data.
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...

Java 26 with JVM optimizations, HTTP/3, and finally no Applet API

The current OpenJDK 26 is strategically important and not only brings exciting innovations but also eliminates legacy issues ...
Tom's Hardware on MSN

Mad lad stores and loads Doom from within DNS — TXT record type abused to store game data

You should grab a stiff drink before reading this.

Indirect Injection and Multi-Modal Attacks: Poisoning the Pipeline

Indirect prompt injection represents a more insidious threat: malicious instructions embedded in content the LLM retrieves ...
SMEChannels

How Adversarial Poetry Can Jailbreak AI Models

Manpreet Singh, Co-Founder & Principal Consultant at 5TATTVA and CRO of Zeroday Ops Manpreet Singh is the Co-Founder & ...

New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores

A newly disclosed vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 ...