These Hackers Launched A ‘Nightmare’ Attack On AI Developers

TeamPCP hackers say AI helped them launch a devastating spree of attacks. But they wouldn’t have succeeded if developers’ ...

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

Top LLM PyPl package compromised to steal user details

Aqua Security’s Trivy vulnerability scanner compromise is trickling down ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Security Boulevard

That “job brief” on Google Forms could infect your device

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
Infosecurity-magazine.com

Android Malware Hijacks Google Gemini to Stay Hidden

ESET researchers have identified an Android malware implant that uses generative AI (GenAI) for persistence purposes. This malicious implant is an advanced version of VNCSpy, a piece of malware that ...
WeLiveSecurity

PromptSpy ushers in the era of Android threats using GenAI

ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine learning has been used to similar ends already – ...
GitHub

Verify or improve the Java, Go, Python vector search samples

the infrastructure provided in ./infra environment including the ENV variables names the location and name of the data file the model names and api version provided in the infrastructure If there are ...