Vulnerabilities & Exploits

02 Apr
Supply‑Chain Attack on LiteLLM Infects Thousands, Mercor Among Victims

A malicious contributor slipped back‑door code into the open‑source LiteLLM library, a widely used wrapper for prompting large
1 min read
02 Apr
Supply‑Chain Compromise of LiteLLM Hits Mercor Recruitment Platform

Mercor reported that attackers published a malicious version of the open‑source LiteLLM Python package, which the company uses to
1 min read
02 Apr
Fake CERT‑UA Phishing Spreads AGEWHEEZE RAT to Millions

Attackers spoofed the official Ukrainian Computer Emergency Response Team (CERT‑UA) in a large‑scale email campaign that targeted roughly
1 min read
02 Apr
New SSH/Telnet Scans, OpenSSL Exploit, and Ransomware‑Driven DDoS Spike Alert

The SANS Internet Storm Center observed a sharp rise in automated scans targeting SSH and Telnet services, primarily originating from
1 min read
02 Apr
Mercor Recruiting Compromised via Malicious LiteLLM Supply‑Chain Injection

Mercor, an AI‑driven recruiting platform, was breached when a compromised version of the open‑source LiteLLM library was introduced
1 min read
01 Apr
Insider‑Threat Platform Hijacked via Update Supply‑Chain Attack

A threat‑actor group compromised a leading insider‑threat detection solution by injecting malicious code into a routine software update.
1 min read
01 Apr
Critical Memory‑Corruption Bug Hits Popular AI Inference Library

Security researchers have uncovered a severe memory‑corruption flaw in an open‑source AI model inference library that is widely
1 min read
01 Apr
4️⃣ Nation‑state actors targeting cloud credential theft

Multiple nation‑state cyber espionage groups have intensified campaigns to steal cloud service credentials. By exploiting misconfigurations and weak access
01 Apr
Critical Supply‑Chain RCE Found in Popular IoT Camera Firmware

Security researchers have identified a remote code execution (RCE) flaw in the firmware of a widely used line of IoT
1 min read
01 Apr
Zero‑Day in Popular VPN Client Enables Lateral Movement Across Corporate Networks

Security researchers have uncovered a zero‑day flaw in a widely deployed VPN client that breaks tunnel isolation. By sending
1 min read