攻撃を受けたLiteLLMについて

最近相次いで人気ライブラリがサプライチェーン攻撃の被害を受けている。3月24日には、人気のPythonパッケージ「LiteLLM」も被害を受けた。LiteLLMは、ChatGPTやGemini、Claudeなど人気のAPIを手軽に切り替えて使えるとい ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
VentureBeat

OpenAI upgrades its Responses API to support agent skills and a complete terminal shell

Credit: VentureBeat made with GPT-Image-1.5 on fal.ai Until recently, the practice of building AI agents has been a bit like training a long-distance runner with a thirty-second memory. Yes, you could ...