攻撃を受けたLiteLLMについて

最近相次いで人気ライブラリがサプライチェーン攻撃の被害を受けている。3月24日には、人気のPythonパッケージ「LiteLLM」も被害を受けた。LiteLLMは、ChatGPTやGemini、Claudeなど人気のAPIを手軽に切り替えて使えるとい ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
Analytics India Magazine

New Research Finds Seven ‘Deadly’ Vulnerabilities in AI Benchmarks

A team of researchers from UC Berkeley have demonstrated that eight AI agent benchmarks can be manipulated to produce ...
クラウド Watch

スリーシェイクのデータ連携ツール「Reckoner」、独自のデータ処理 ...

株式会社スリーシェイクは13日、クラウド型データ連携ツール「Reckoner(レコナー)」において、データ連携フロー内でPythonおよびJavaScriptのコードを記述し、独自のデータ処理を実装できる「コード実行機能」を提供開始したと発表した。

The invisible shield: How AI is quietly protecting the software that runs your life

Last week, something alarming happened in the world of software — and almost nobody outside the tech industry noticed. A ...
Houston Press

Reviews For The Easily Distracted: Normal

Normal plays into both Odenkirk's ordinary dudeness and Wheatley's penchant for filming lots of people shooting at each other. But the whole concept is wearing out its welcome.
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...
Security Boulevard

GitHub Actions Supply Chain Attack: Trivy Breach & Workflow

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.
eLife

Molidustat Targets a Synthetic Lethal Vulnerability in APC-Mutant Colorectal Cancer through ...

This important paper substantially advances our understanding of how Molidustat may work, beyond its canonical role, by identifying its therapeutic targets in cancer. This study presents a compelling ...