Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and trigger remote code execution across tenants. A design flaw in the Vertex AI ...
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of ...
CrowdStrike, Google, and the Shadowserver Foundation dismantled the GlassWorm malware operation, but experts say the broader chaos unfolding across open-source ecosystems is making isolated takedowns ...
The Arkanix infostealer combines LLM-assisted development with a malware-as-a-service model, using dual language implementations to maximize reach and establish persistence. A newly uncovered ...
The Gradle plugin that compiles Protocol Buffer (aka. Protobuf) definition files (*.proto) in your project. There are two pieces of its job: Note if you are generating non-Java/Kotlin source files, ...
An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...
ESET researchers have discovered a previously unknown malware family that utilizes custom and well-designed modules, targeting systems running Linux. Modules used by this malware family, which we ...