Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
HealthcareInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Rock Paper Shotgun

From the C: to the /Mnt/s, Linux is better than ever for PC gaming – and easier to switch to from Windows

For radical, picture me skateboarding ungainly while installing Linux - or, to be more precise CachyOS - on my PC. Windows 11 ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Verdict on MSN

OpenAI to expand Codex with Astral acquisition amid AI rivalry

Astral creates Python development tools such as uv, a package and project manager, and Ruff, a linter and formatter.
How-To Geek on MSN

DietPi just made it easy to host your own Google Photos on a Raspberry Pi

DietPi, the Raspberry Pi OS alternative, now has Immich as an optional package.
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...
eWeek

Oracle Axes Up to 12,000 Jobs in India, Its Biggest Hub, in Massive AI Shift

Oracle is cutting up to 12,000 jobs in India as it pivots to AI, with layoffs impacting nearly a quarter of its largest ...
Dark Reading

TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...
SecurityWeek

TeamPCP Moves From OSS to AWS Environments

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...