Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
On Monday, Russian users found they could no longer reach PyPI, the package repository that Python developers rely on for code libraries.
If you work with AI APIs and local LLMs, there's a good chance you've at least heard of LiteLLM. It's one of the most popular Python libraries for interacting with large language models, offering a ...
The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed. PyPI is ...
Abstract: Existing data visualization tools predominantly rely on manual development or traditional software solutions to translate raw data into meaningful visual representations. However, these ...
Python libraries for cybersecurity help automate threat detection, network monitoring, and vulnerability analysis. Tools like Scapy, Nmap, and Requests enable penetration testing and network security ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results