Squidbleed (CVE-2026-47729) Heartbleeds ancient cousin, hiding in Squid since 97blog.calif.io3 points·by chillax·22 giorni fa·0 comments
Mellum2 Goes Open Source: A Fast Model for AI Workflowsblog.jetbrains.com7 points·by chillax·mese scorso·0 comments
Disrupting Glassworm: Inside CrowdStrike's Takedown of a Dev-Targeting Botnetcrowdstrike.com4 points·by chillax·2 mesi fa·0 comments
Catch hallucinated, typosquatted, non-canonical dependencies before productiongithub.com2 points·by chillax·2 mesi fa·0 comments
Vulnpocalypse: AI, Open Source, and the Race to Remediateresilientcyber.io1 points·by chillax·3 mesi fa·0 comments
The Team PCP Snowball Effect: A Quantitative Analysisblog.gitguardian.com4 points·by chillax·3 mesi fa·0 comments
Invisible Prompt Injection Through Markdown and HTML-Commentsgithub.com2 points·by chillax·5 mesi fa·0 comments
Turning Cloudflare into an SSRF Engine,Reaching What You Were Never Meant to Seeriversecurity.eu1 points·by chillax·5 mesi fa·0 comments
Ubiquiti: The U.S. Tech Enabling Russia's Drone Warhntrbrk.com25 points·by chillax·5 mesi fa·3 comments
AI's Bottleneck Isn't Models or Tools, It's Securityzkorman.com1 points·by chillax·6 mesi fa·1 comments
CyberSlop – meet the new threat actor, MIT and Safe Securitydoublepulsar.com3 points·by chillax·8 mesi fa·0 comments
AMD signs AI chip-supply deal with OpenAI, gives it option to take a 10% stakereuters.com442 points·by chillax·9 mesi fa·370 comments
Security Degradation in Iterative AI Code Generationarxiv.org1 points·by chillax·9 mesi fa·0 comments
chillax·mese scorso·discussCompanies such as socket and safedep will still scan new packages and alert on malware (if they are able to detect it) so the packages are taken down before they pass your cool down
chillax·3 mesi fa·discussYou could se if it helps with https://betterexplained.com/calculus/lesson-1/ or https://youtu.be/WUvTyaaNkzM
chillax·5 mesi fa·discussRelated: Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) https://labs.watchtowr.com/someone-knows-bash-far-too-well-a...
chillax·8 mesi fa·discussSome are testing viabilityhttps://www.luftfartstilsynet.no/en/about-us/news/news-2025/...
chillax·10 mesi fa·discussAccording to Aikido Security the attack has now targeted 180+ packages: https://www.aikido.dev/blog/s1ngularity-nx-attackers-strike-...