Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.

Microsoft will invest $10 billion in Japan through 2029 to expand AI infrastructure, deepen cybersecurity ties, and train ...

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

TECH AFFAIRS: Research by Israeli cybersecurity company Check Point found a weakness in ChatGPT’s system that could allow ...

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

The digital travel platform has set its sights on becoming an AI-powered travel companion as it changes how it builds ...