A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
a laptop screen with a webpage of the IT Army of Ukraine group of volunteer hackers. The IT Army of Ukraine first set up in the wake of Russia's devastating attack, and has since hugely grown in ...
They're not bad; they're just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented ...
Oracle is introducing Oracle Deep Data Security, shifting enforcement to where the data lives along with making controls explicit, inspectable, and reusable across applications. Oracle Deep Data ...
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your security tools look.
Couchbase AI Data Plane brings governed memory, real-time context, and cloud-to-edge data access to enterprises moving AI ...