Tesla's former VP Andrej Karpathy shares AI coding 'horror', 'Python supply chain attack' that could have wiped millions of SSL private keys, database passwords, mor…

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software ...

Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

YouTube killed my comment alerts, so I vibe-coded a fix to get them back - in just 1 hour

YouTube killed my comment alerts, so I vibe-coded a fix to get them back - in just 1 hour ...
HealthcareInfoSecurity

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
eWeek

Luis Millares

Luis Millares has extensive experience reviewing virtual private networks (VPNs), password managers, and other security ...

AI & Tech Brief: The cybersecurity gold rush

Cybersecurity and tech firms are positioning themselves to capture the exploding market for AI “governance.” Why leading ...
VnExpress International on MSN

How a self-taught Vietnamese high schooler built the malware that infected 94,000 computers worldwide

International cybersecurity firms had been tracking a sophisticated malware strain called PXA Stealers for months, tracing it to a Vietnamese-speaking developer whose Telegram handle "Lone None" was ...
eWeek

Why Reproducible Analytics Is Critical for AI in Healthcare and Life Sciences

AI adoption in healthcare and life sciences is accelerating at a rapid pace, driving advancements in clinical research, ...
Global Investigative Journalism Network

Tips for Using AI as Reporting Tool to Uncover Wrongdoing

From fishing quotas in Norway to legislative accountability in California, investigative journalists share practical, ...

Supply chain attack on LiteLLM: Affected parties should change credentials

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...
The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

"CanisterWorm" supply chain malware attacks npm

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...