Large-Scale Credential Harvesting Operation Targets Vulnerable Next.js Applications A significant credential harvesting operation has been detected exploiting the React2Shell vulnerability, marking a serious threat to numerous organizations. This operation aims to steal sensitive information, including database credentials, SSH private keys, AWS secrets, shell command histories, Stripe API keys, and GitHub…
Critical Vulnerability Exposes Millions of AI Agents to Hackers A serious security flaw has been identified in Starlette, an open-source framework widely used by AI agents and tools globally, alerting industry experts to substantial cybersecurity risks. This vulnerability could enable malicious hackers to penetrate servers that host these tools and…
OpenAI Discloses Compromise in macOS App Signing Workflow OpenAI has issued a statement regarding a significant security incident that occurred on March 31, revealing that a GitHub Actions workflow tied to the signing of its macOS applications inadvertently downloaded a malicious Axios library. Fortunately, the company has confirmed that this…
Moltbook Data Breach Exposes Sensitive User Information On January 31, 2026, a significant data breach was disclosed involving Moltbook, a social networking platform specifically designed for AI agents. The breach has led to the exposure of approximately 35,000 email addresses and 1.5 million agent API tokens associated with around 770,000…
Critical Vulnerability Discovered in LiteLLM Python Package, Exploitation Initiated Within 36 Hours In a recent cybersecurity incident, a serious vulnerability has been identified in the LiteLLM Python package developed by BerriAI. This flaw, cataloged as CVE-2026-42208, has been linked to an SQL injection issue that can allow malicious actors to…
Data Privacy Concerns Highlighted in Recent Research on Major Tech Firms Recent investigative findings from EPIC (Electronic Privacy Information Center) reveal significant shortcomings in the opt-out processes of prominent technology companies, raising alarms about consumer privacy rights. EPIC’s researchers discovered that platforms including Meta, X (formerly Twitter), OpenAI, and Tinder…
As the software industry has evolved over recent decades to enhance product security, the rapid adoption of artificial intelligence (AI) threatens to undermine these advancements. Companies are rapidly implementing self-hosted large language model (LLM) infrastructures, driven by the potential of AI as a transformative tool and the urgency to increase…
The troubling aftermath of an iPhone theft may not merely lie in the loss itself but in the ensuing phishing threats aimed at contacts within the device. Recent investigations have uncovered a robust infrastructure enabling criminals to bypass iPhone security, subsequently exploiting the personal information of the phone’s owner. In…
A gunman attempted to breach the White House Correspondents’ Dinner in Washington, DC, last weekend, where President Donald Trump, Vice President JD Vance, and various administration officials were present. Authorities quickly identified the suspect as 31-year-old Cole Tomas Allen, an engineer and computer scientist from California. He was apprehended at…
