Dark Reading

DPRK's Konni Targets Blockchain Developers With AI-Generated Backdoor

The North Korean threat group is using a new PowerShell backdoor to compromise development environments and target ...
CPO Magazine

Hackers Are Auctioning 860GB of Source Code Stolen From Target’s Development Server

Hackers have listed 860GB of private source code and assets stolen from Target’s Gitea self-hosted software development ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Konni hackers target blockchain engineers with AI-built malware

The North Korean hacker group Konni (Opal Sleet, TA406) is using AI-generated PowerShell malware to target developers and engineers in the blockchain sector.
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...

AI framework flaws put enterprise clouds at risk of takeover

Two "easy-to-exploit" vulnerabilities in the popular open-source AI framework Chainlit put major enterprises' cloud ...
CSO Online

Flaws in Chainlit AI dev framework expose servers to compromise

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow ...
The Register on MSN

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ...
Dark Reading

Critical 'MongoBleed' Bug Under Attack, Patch Now

Attackers are actively exploiting a critical vulnerability in MongoDB to steal sensitive information directly from an affected server's memory. The attacks appear to have started on Dec. 29, barely ...
IEEE

SUNFLOWER: Enhancing Linux Kernel Fuzzing via Exploit-Driven Seed Generation

Abstract: The Linux kernel is the foundation of billions of contemporary computing systems, and ensuring its security and integrity is a necessity. Despite the Linux kernel's pivotal role, ...
GitHub

The Python development workflow your past self had always hoped for is finally here!

This project is meant as an enterprise-ready template for developing Python packages. If that bar is a bit too high for you, then you can checkout Straight to the Money 💰. Paleofuturistic Python is a ...