Researchers at Sysdig say they have observed, for the first time, a ransomware attack carried out almost entirely by an AI agent. According to the ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Security tooling is not written in a single language. Python powers most automation. C sits at the exploit layer. PowerShell ...
Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based code analysis systems into overlooking malicious payloads. Threat actors ...
A logic flaw sitting undetected in the Linux kernel for nearly nine years lets any unprivileged local user gain root access on virtually every mainstream Linux distribution shipped since 2017, ...
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. As of writing, ...
If you work with AI APIs and local LLMs, there's a good chance you've at least heard of LiteLLM. It's one of the most popular Python libraries for interacting with large language models, offering a ...
Automated Let's Encrypt SSL certificate issuance and renewal for Sophos XGS firewalls using acme.sh. Sophos removed the built-in Let's Encrypt support that existed in the UTM product line. This ...