攻撃を受けたLiteLLMについて

最近相次いで人気ライブラリがサプライチェーン攻撃の被害を受けている。3月24日には、人気のPythonパッケージ「LiteLLM」も被害を受けた。LiteLLMは、ChatGPTやGemini、Claudeなど人気のAPIを手軽に切り替えて使えるとい ...
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Geopolitical Monitor

Distributed Risk: Open-Source Software as Strategic Infrastructure

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...

What most LLM apps get wrong about security

When Nandakishore Leburu was building LLM applications at LinkedIn, he learned that the models weren't the problem. The ...

Two different attackers poisoned popular open source tools - and showed us the future of ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
The Tech Edvocate

Surge in Cybersecurity Threats: Recent Incidents Highlight Growing Risks

Spread the loveIn a troubling escalation of cyber threats, the past 48 hours have witnessed a significant surge in attacks targeting both software supply chains and individuals. Security researchers ...