Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

'Each vulnerability exposes a different class of enterprise data': LangChain framework hit ...

LangChain helps developers build apps using large language models (LLM), by connecting AI models to various data sources and ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

Addressing India’s Top Cloud Challenge—Praveen Ravula’s Method

Working as a software development engineer for AWS Security at Amazon, Praveen Ravula, the 2025 Developer of the Year awardee ...
The Hacker News

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Three LangChain flaws enable data theft across LLM apps, affecting millions of deployments, exposing secrets and files.
WinBuzzer

OpenAI Acquires Python Toolmaker Astral to Boost Codex AI Agent

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it ...

Toronto-based Hackergal comes to Calgary to support girls entering the tech sector

Our whole goal is to try to close the gap in gender equity that exists in technology specifically, but broadly in STEAM ...
WinBuzzer

Andrej Karpathy: Humans Are the Bottleneck in AI Research

Andrej Karpathy has argued that human researchers are now the bottleneck in AI, after his open-source autoresearch framework ...
VietNamNet

Vietnam police bust global cybercrime ring run by student coder

A student programmer allegedly developed malware used in a transnational cybercrime operation generating billions of VND.