Security
Supply Chain Attacks, Grafana Breach Hit Open Source
Hackers published 630 malicious npm packages in 20 minutes as part of the ongoing Mini Shai-Hulud…
Category: Security
AI and cybersecurity — vulnerabilities, breaches, and the new generation of model-aware threats and defenses.
Security
Five Critical CVEs Demand Immediate Patching
Active exploitation of a CVSS 9.2 NGINX heap overflow (CVE-2026-42945) began within days of its patch,…
Security
AI Supply-Chain Attacks Hit OpenAI, Anthropic, Meta in 50
Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days during early 2026, exploiting CI/CD…
Security
Foxconn, West Pharma Hit by Ransomware in May 2026
Ransomware group Nitrogen claimed a breach at Foxconn, alleging theft of 8TB of data including customer…
Security
Four Critical CVEs Draw Active Exploits This Week
Four vulnerabilities drew active exploitation or urgent patch warnings this week: a CVSS 9.2 NGINX heap…
Security
Open-Source AI Models Face Supply Chain and Security Threats
A wave of supply-chain attacks and a newly disclosed tokenizer vulnerability in May 2026 exposed structural…
Security
NGINX, Outlook, VMware Flaws Hit in Active Attacks
Active exploitation of a critical NGINX heap overflow (CVE-2026-42945, CVSS 9.2) began days after F5 patched…
Security
Hugging Face Tokenizer Flaw Enables MitM Attacks on Local
HiddenLayer disclosed on May 12, 2026 that Hugging Face's tokenizer layer can be weaponized via a…
Security
Five CVEs Dominate June 2026 Patch Cycle
Five significant vulnerabilities disclosed this week affect Linux kernels, Microsoft Outlook, NGINX, and VMware Fusion, with…
Security
Foxconn, West Pharma Hit by Ransomware in Wave of Attacks
Ransomware groups struck Foxconn and West Pharmaceutical Services within days of each other in May 2026,…
Security
Hugging Face Models Targeted by Tokenizer Hijack and Supply
Security researchers have found two active threats targeting open-source AI models on Hugging Face: a tokenizer…
Security
Hugging Face Tokenizer Flaw Lets Attackers Hijack
HiddenLayer researchers disclosed a tokenizer vulnerability in Hugging Face that lets attackers hijack locally-run open-source models…