Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

On April 29, 2026, security researchers at Theori and Xint Code publicly disclosed CVE-2026-31431, a Linux kernel privilege escalation vulnerability they named Copy Fail. Any unprivileged local user ...

IT researchers have discovered a vulnerability in the Linux kernel that attackers can exploit to gain root privileges. The discoverers have named the vulnerability “Copy Fail.” Virtually all Linux ...

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. As of writing, ...

All Linux kernels released after 2017 are vulnerable to critical privilege escalation bugs. A tiny 732-byte exploit grants root privileges across all major Linux distributions, with containerized ...

An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...

The Python SDK for OpenZiti is a library that enables you to integrate zero trust network connectivity into your Python applications, and establish secure connections with remote network resources ...

The rise of LLM-powered code generation tools is reshaping how developers write software - and introducing new risks to the software supply chain in the process. These AI coding assistants, like large ...

Researchers found three malicious PyPI packages, two targeting bitcoin developers, and one WooCommerce stores Two are designed to steal data, and the third to test for valid credit cards All three ...