London AI Startup Coda One Launches Free Platform With 59 Productivity Tools, Taking Aim at Subscription Fatigue

Coda One, a London-based AI startup, has launched a free online platform combining 59 AI writing, PDF, image, and developer ...
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

Stryker attack raises concerns about role of device management tool

Researchers from Halcyon told Cybersecurity Dive the Stryker attack impacted all phones and workstations with an Intune base ...
Security Boulevard

That “job brief” on Google Forms could infect your device

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...
MUO on MSN

I archive every webpage the moment I bookmark it and I've never lost a saved link since

Bookmarks break, this extension makes sure mine never do.

Indirect Injection and Multi-Modal Attacks: Poisoning the Pipeline

Indirect prompt injection represents a more insidious threat: malicious instructions embedded in content the LLM retrieves ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

That top Google result for Homebrew could infect your Mac

Malicious ads are pushing fake Homebrew installers to Mac users, and the attack relies on trusting the first Google search result.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Security Boulevard

The Trivy Supply Chain Compromise: What Happened and Playbooks to Respond

On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...