Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
Microsoft

Applying security fundamentals to AI: Practical advice for CISOs

Read actionable advice for CISOs on securing AI, managing risk, and applying core security principles in today’s AI‑powered ...

Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Hacked hospitals, hidden spyware: Iran conflict shows how digital fight is ingrained in warfare

Iran has turned to its cyber operations to make up for its military disadvantages in its conflict with Israel and the U.S. Since the war began last month, hackers supporting Iran have launched ...

3 steps to stronger cybersecurity in the age of AI

From the outside, it looks like an AI success story. Days later, a different picture emerges. The initial activity was only one part of a broader intrusion moving through an unknown third-party ...