AI管理ライブラリの「LiteLLM」がサプライチェーン攻撃を受け、一時的に悪意ある変更を含んだマルウェア版が配布されていたことが判明しました。LiteLLMのマルウェア版ではユーザーのSSHキーやAPIキーを盗み出すスクリプトが動作していたことも判 ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Supply chain attacks feel like they're becoming more and more common.

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Googleがオープンモデル群であるGemma 4を2026年4月2日に公開しました。このモデルはGemini ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

Anthropic, the flagship AI company, has inadvertently exposed the source code for its major CLI tool Claude Code. It has ...

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

How I used Gemini to replace YouTube's missing comment alerts - in under an hour ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...