python
-
Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine
Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted…
Read More » -
Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code
Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed…
Read More » -
Researchers Uncover Vulnerabilities in Open-Source AI and ML Models
A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML)…
Read More » -
BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers
Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called…
Read More » -
AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks
Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted…
Read More » -
Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet,…
Read More » -
N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware
Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated…
Read More » -
GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets
A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental…
Read More » -
China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration
A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia.…
Read More » -
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency…
Read More »