On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. As of writing, ...
If you work with AI APIs and local LLMs, there's a good chance you've at least heard of LiteLLM. It's one of the most popular Python libraries for interacting with large language models, offering a ...
The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed. PyPI is ...
A2A is an open, vendor-neutral protocol that allows diverse AI agents to seamlessly communicate, coordinate, and delegate work. The protocol shifts AI focus from a single monolithic agent to ...
A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace review and entered the developer ecosystem. In a suspected test effort, ...
OpenStack has delivered its 32nd major release, named "Flamingo." OpenStack Technical Committee chair Goutham Pacha Ravi singled out work to remove eventlet dependencies as a major feature of this ...
The OpenStack cloud infrastructure project keeps on going, 15 years after it was first created as a joint effort of NASA and Rackspace. Today the open-source effort debuted its 32nd release known as ...
Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated using large language models (LLMs) to obfuscate payloads ...