With a hunch, and an hour of AI-assisted scanning, cybersecurity researchers identified and then figured out how to exploit a ...

The post How Escape AI Pentesting Exploited SSRF in LiteLLM appeared first on Escape – Application Security & Offensive ...

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.

Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...

New capabilities help organizations govern AI agents, recover critical business operations first, and automate cloud governance at scale • ...

In a structural departure from AI assistant add-ons, new agent architecture gives AI peers the same roles, permissions, ...

Etherpad is a self-hostable web editor written in Node.js for real-time collaborative writing – functionally comparable to ...

My homelab actually pays off now.

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

A new font can be a great way to spice up your PC projects. But you need to install them to use them. Here's how to install ...