Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the ...
The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are becoming a new software supply chain attack vector. A malicious Hugging ...
If you work with AI APIs and local LLMs, there's a good chance you've at least heard of LiteLLM. It's one of the most popular Python libraries for interacting with large language models, offering a ...
LiteLLM, a massively popular Python library used by AI developers, was compromised to deliver a mass credential harvesting malware, sending shockwaves across the industry. The “software horror” spread ...
The TeamPCP supply chain attack compromised LiteLLM packages 1.82.7 and 1.82.8, stealing SSH keys, cloud credentials, API tokens, and more from developer machines, where secrets live, breathe, and ...
In a recent engagement I found a GitLab instance on the target, I found a PoC on Exploit-DB but it uses LDAP for authentication and it was disabled in this case, so I created this python script which ...
A set of command line tools and Python library for working with SARIF files. Read more about the SARIF format here: sarifweb.azurewebsites.net. You need Python 3.8 or ...
Cybercriminals have been known to approach their targets under the guise of company recruiters, enticing them with fake employment offers. After all, what better time to strike than when the potential ...
Facebook messages are being used by threat actors to distribute a Python-based information stealer dubbed Snake that’s designed to capture credentials and other sensitive data. “The credentials ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results