Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...
GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services. The ...
The popular Telnyx Python SDK is the latest victim of TeamPCP’s weeks-long supply chain campaign targeting the broad open source software ecosystem. The campaign started on March 19 with Aqua Security ...
In early 2025, CISA added CVE-2025-3248 to their Known Exploited Vulnerabilities catalog. It was an unauthenticated remote code execution bug in Langflow, the popular open-source AI workflow builder ...
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
The Orb Python library provides convenient access to the Orb REST API from any Python 3.9+ application. The library includes type definitions for all request params and response fields, and offers ...
Markets respond to information faster than anything else, and most of that information begins with a headline. An earnings update, a regulatory note, a product issue, even a short line from an analyst ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results