Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
Infosecurity Magazine

How Security Leaders Can Safeguard Against Vibe Coding Security Risks

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...
The Hacker News

The State of Trusted Open Source Report

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...
eWeek

Microsoft Unveils $10B Plan to Scale AI, Cloud, and Cybersecurity in Japan

Microsoft will invest $10 billion in Japan through 2029 to expand AI infrastructure, deepen cybersecurity ties, and train ...
SecurityWeek

Telnyx Targeted in Growing TeamPCP Supply Chain Attack

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Dark Reading

OWASP GenAI Security Project Gets Update, New Tools Matrix

In recognition of 21 GenAI risks, the standards groups recommends firms take separate but linked approaches to defending ...

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

AI & Tech Brief: The cybersecurity gold rush

Cybersecurity and tech firms are positioning themselves to capture the exploding market for AI “governance.” Why leading ...