最近相次いで人気ライブラリがサプライチェーン攻撃の被害を受けている。3月24日には、人気のPythonパッケージ「LiteLLM」も被害を受けた。LiteLLMは、ChatGPTやGemini、Claudeなど人気のAPIを手軽に切り替えて使えるとい ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installer ...

Cloudbase株式会社（本社：東京都港区、代表取締役CEO：岩佐晃也）は、同社が提供する国産CNAPP（CSPM、SBOM、脆弱性管理）「Cloudbase」において、Cloudbase Sensorの機能を拡張し、新たにJavaおよびPythonパッケージのスキャン機能を追加したことをお知らせします。 これにより、従来のNode.jsに加え、JavaやPythonといった主要言語への対応を実 ...

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

The Chrome and Edge browsers have built-in APIs for language detection, translation, summarization, and more, using locally ...

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

Security researchers at Malwarebytes have found a fake Windows 11 24H2 update campaign that steals sensitive data from ...

Mark Collier briefed me on two updates under embargo at KubeCon Europe 2026 last month: Helion, which opens up GPU kernel ...

Google launches a native Gemini app for macOS with instant shortcut access, screen awareness, and deep integrations for a ...

This week in cybersecurity: 338 new CVEs published including 11 critical severity. 9 vulnerabilities added to CISA KEV catalog. Plus major developments in AI security, supply chain attacks, and ...

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...