A vulnerability in the telnetd of GNU Inetutils allows attackers from the network to inject malicious code – without prior authentication. An update to patch the security hole is not yet available.

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

The top stories, industry insights and relevant research, assembled by our editors and delivered to your inbox. Follow us for the latest industry news and insights.

Every time Lee Chong Ming publishes a story, you’ll get an alert straight to your inbox! Enter your email By clicking “Sign up”, you agree to receive emails ...

Valued at $1.6 billion, a tiny start-up called Axiom is building A.I. systems that can check for mistakes. Valued at $1.6 billion, a tiny start-up called Axiom is building A.I. systems that can check ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

'Open Sesame' goes my wallet ...