Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
https://ift.tt/yBw6CQI researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published
144 Mastra npm Packages Compromised via Hijacked Contributor Account
https://ift.tt/yGru8BV many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
https://ift.tt/48RbWei flaw in the Google Cloud Vertex AI SDK for Python let an attacker with
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with
Google exposes China espionage group that’s been lurking in networks undetected since 2023
Google threat hunters spotted yet another Chinese state-sponsored espionage group that for years had burrowed
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
https://ift.tt/uNTal6U default low-privilege account on a LiteLLM proxy can climb to full admin and run
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
https://ift.tt/QYGDMOU broke again. Not in a movie way. An old tool was left exposed. An
U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
https://ift.tt/2B8yLiE said on Friday it will “abruptly disable” its most advanced artificial intelligence (AI) models,
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
https://ift.tt/ydHlxeJ on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
Researchers are warning that cybercriminals exploited an Oracle PeopleSoft zero-day vulnerability and potentially infiltrated the