The Hacker News

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

LiteLLM 1.82.7–1.82.8 supply chain attack exposed 33,185 secrets across 6,943 machines, leaving 3,760 valid credentials ...

New GPUBreach attack enables system takeover via GPU rowhammer

A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a ...

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and Enkrypt AI CSO Merritt Baer weigh in on agent permissions and derived IP ...
TechAnnouncer

Mastering Your Cloud Infrastructure: A Guide to the EC2 Capacity Manager

Managing your cloud setup can feel like a puzzle sometimes, especially with all the different services AWS offers. Amazon EC2 ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
CSO Online

China-linked cloud credential heist runs on typos and SMTP

The Linux-based ELF backdoor is targeting cloud workloads across providers, using SMTP-based C2 and typosquatted Alibaba ...
Carnegie Mellon University

Carnegie Mellon University, AI Strike Team and AWS to Showcase the Future of Physical AI During NFL Draft Week

Carnegie Mellon University and the AI Strike Team today unveiled new details for the Powering the Future of Sport: A Draft Week Showcase ...

Microsoft: Temporary CapEx Panic Masks The Long-Term Edge

Microsoft's shift to agentic AI, custom silicon, and the M365 E7 suite positions it to absorb SaaS budget consolidation.