Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

Discover how a hacker exploited Claude and ChatGPT to breach government agencies. Learn about the AI-driven tactics used to ...

The incident has been described as one of the most significant code leaks in recent times, involving the exposure of Claude ...

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

You’ve seen it. Rigid hierarchies that move like glaciers, micromanagement that suffocates any spark of creativity, and a burnout culture that treats high ...

TeamPCP strikes again, with almost identical code to LiteLLM.

AI recruiting startup Mercor confirms supply chain attack via LiteLLM library compromise. Hackers claim 4TB of data including ...

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

On X, Shou linked to a zip file with the leaked code. He is the CTO of Fuzzland and a dropout of the UC Berkeley Ph.D.