PRT-scan is the second campaign in recent months where a threat actor has leveraged AI for automated targeting of a ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

TENEX.ai has raised $250 million in a Series B round led by Crosspoint Capital Partners. depthfirst has raised $80 million in ...

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

AI hiring startup Mercor confirmed it was "one of thousands of companies" affected by the LiteLLM supply-chain attack as the ...

Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...

Anthropic accidentally exposed its most powerful unreleased AI model to compromise, and days later shipped its flagship ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.