InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

iPhone exploit DarkSword has been released in the wild: How to protect yourself

DarkSword spyware has been posted in the wild. Credit: Cheng Xin/ DarkSword, the web-based hacker tool that can be used to ...
SecurityWeek

Extortion Group Claims It Hacked AstraZeneca

The Lapsus$ extortion group has claimed the theft of 3GB of data from AstraZeneca, including internal code repositories and ...
WinBuzzer

OpenAI Acquires Python Toolmaker Astral to Boost Codex AI Agent

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it ...
Infosecurity Magazine

Hackers Exploit Critical Langflow Bug in Just 20 Hours

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability ...

Waratek Redefines Secure Development with Launch of Waratek IAST at JavaOne 2026

AI-assisted code speeds development, but introduces vulnerabilities at an alarming rate. Waratek IAST reports flaws ...
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

Cloud attacks are getting faster and deadlier - here's your best defense plan

Cloud attacks are getting faster and deadlier - here's your best defense plan ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud ...
Forbes

Bond Investors May Be Underpricing Cyber Risk As AI Speeds Up Attacks

Forbes contributors publish independent expert analyses and insights. Dara-Abasi Ita covers AI in boring asset classes. As AI-driven tools compress the "Time to Exploit" (TTE) from weeks to mere days, ...