OpenAI identifies security issue involving third-party tool, says user data was not accessed

OpenAI said on Friday it had identified a security issue involving a third-party developer tool called ​Axios and is taking ...
Cybernews

This Python notebook flaw shows how fast hackers are acting on advisories

A critical flaw in Python tool Marimo was exploited within 10 hours of disclosure, researchers report, highlighting how quickly attackers are now turning vulnerability advisories into real-world ...
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...
How-To Geek on MSN

Stop using Claude as just a chatbot—MCP changes everything

MCP is the MVP.

How I vibe-coded a web tool in three days with no programming experience

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...

Report: Cybercriminals steal source code from Cisco and its customers

After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...
Dark Reading

TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...
SecurityWeek

TeamPCP Moves From OSS to AWS Environments

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

GitHub developers targeted by fake VS Code alerts spreading malware

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...
theregister

GitHub hits CTRL-Z, decides it will train its AI with user data after all

Microsoft's GitHub next month plans to begin using customer interaction data – "specifically inputs, outputs, code snippets, and associated context" – to train its AI models. The code locker’s revised ...

Nvidia CEO Jensen Huang bids to own the entire AI factory stack

At this bigger-than-ever GTC, Huang made it clear that Nvidia is gunning to command the levers of the entire AI factory hardware and software stack, though of course it’s leaving plenty of room for ...