During an investigation into exposed OpenWebUI servers, the Cybernews research team identified a malicious campaign targeting vulnerable OpenWebUI servers with cryptocurrency miners and Info Stealers.

In February, a user named EricKeller2 posted on Reddit. “I mapped every connection in the Epstein files,” he wrote. He had built a website and database of more than 1.5 million files related to the ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

DNS flaw in Amazon Bedrock and critical AI vulnerabilities expose data and enable RCE, risking breaches and infrastructure ...

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.

Microsoft’s geospatial data service is designed to help research projects using public satellite and sensor information.

AI agents are now placing trades on prediction markets through the same APIs that human developers use, and regulators are scrambling to keep pace. Platforms like Kalshi and Polymarket have built ...

A method for exfiltrating sensitive data from AI-powered code execution environments using domain name system (DNS) queries has been demonstrated by security researchers, highlighting potential risks ...

The Azure Kubernetes Service (AKS) team at Microsoft has shared guidance for running Anyscale's managed Ray service at scale. They focus on three key issues: GPU capacity limits, scattered ML storage, ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Amazon wins an early court order against Perplexity, halting parts of Comet’s AI shopping push and teeing up a rapid Ninth Circuit appeal now.