A fake repo impersonating the OpenAI Privacy Filter model racked up 244,000 downloads in under 18 hours before Hugging Face ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

The free plugin is now available on the WordPress Plugin Directory, compatible with Contact Form 7, WPForms, Ninja ...

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

ClaudeBleed, a vulnerability in Claude in Chrome, allows malicious extensions to hijack the AI agent for nefarious purposes.

Preview this article 1 min The dispute centers on prescription drug claims between 2020 and 2022. Charter alleges the methodology shift coincided with Express Scripts' integration into Cigna. Urgent ...

An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a ...

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...