Top LLM PyPl package compromised to steal user details

Aqua Security’s Trivy vulnerability scanner compromise is trickling down ...

LiteLLM loses game of Trivy pursuit, gets compromised

Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the ...

Malicious campaign targets popular OpenWebUI AI interface to mine crypty and steal credentials

Cybernews researchers uncovered numerous OpenWebUI instances that were silently running malware.
WinBuzzer

Trivy Breached Twice in a Month via GitHub Actions

Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...