Microsoft 365 Under Siege: Phishing Campaign Bypasses MFA Across 5 Countries

A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting ...
GovInfoSecurity

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing developers to credential theft, ...

These Hackers Launched A ‘Nightmare’ Attack On AI Developers

TeamPCP hackers say AI helped them launch a devastating spree of attacks. But they wouldn’t have succeeded if developers’ security hadn’t been so weak in the first place.
Dark Reading

Critical Flaw in Langflow AI Platform Under Attack

Threats actors pounced on the vulnerability within hours of its disclosure, demonstrating that organizations have little time to address critical bugs.
Infosecurity Magazine

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code ...

A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know.

Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by security researchers. DarkSword has now leaked online.

Huge numbers of web stores are facing attack from this dangerous new malware

PolyShell vulnerability in Magento/Adobe Commerce mass exploited, hitting over half of vulnerable stores Attackers deploy ...