The popular Python package for monitoring data quality was briefly available as a malicious version. Provider Elementary ...

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

A critical pre-authentication SQL injection vulnerability in BerriAI’s LiteLLM Python package came under active exploitation ...

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Learn prompt engineering with this practical cheat sheet that covers frameworks, techniques, and tips for producing more ...

A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...

This was not a case of stolen credentials, but rather of vulnerability exploitation.

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...

As the OpenClaw ecosystem continues to surge in popularity, more customers are deploying and utilizing these AI agents on a large scale. However, this growth has brought significant security ...

Arcjet thinks it has the answer. The company this week introduced Guards, a service designed to enforce security inside AI ...