SecurityWeek

CrewAI Vulnerabilities Expose Devices to Hacking

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

Google shoehorned Rust into Pixel 10 modem to make legacy code safer

To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to ...
The Hacker News

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...
TechJuice

Meta Suspends Work With $10 Billion AI Startup Mercor After Cyberattack

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

MCP, Agent Tool Access And The New Execution-Layer Security Gap

The execution layer has already shifted from humans to machines. This transition is not a future trend; it is the current ...
fern on MSN

Iran’s nuclear site was sealed off from the world - then the sabotage started from inside

Iran’s nuclear facility at Natanz was supposed to be beyond reach: buried underground, disconnected from the internet, and ...
The Next Web

Meta freezes AI data work after breach puts training secrets at risk

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...
GitHub

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw!

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw! - DerekPascarella/DreamMovie-UNLOCKED ...

The invisible shield: How AI is quietly protecting the software that runs your life

Last week, something alarming happened in the world of software — and almost nobody outside the tech industry noticed. A ...