A malicious PyTorch Lightning update (v2.6.3) on PyPI spread briefly, stealing credentials and raising major concerns about AI supply chain security. A malicious update of the PyTorch Lightning library... Read more »
While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace of AI adoption is putting that progress at risk.... Read more »
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a “phishing relay” to distribute phishing emails with an aim to compromise Facebook accounts. The activity... Read more »
We asked the hyperscalers how they would respond to US court-ordered eavesdropping on foreign citizen data – and got responses that highlight a paradoxical situation Read more »
Hyperscaler cloud is inherently global. Does that make data sovereignty unattainable – especially given the powers US courts hold? We grilled the hyperscalers in an attempt to find out Read more »
Digital sovereignty is hugely important to IT leaders but in most cases systems have been built on foundations they don’t control. Open standards are key to organisational agility Read more »
Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a “portion” of its source code. It said it “recently identified” the compromise of... Read more »
A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. “These installers are distributed from... Read more »
Deniss Zolotarjovs was sentenced to 8.5 years in the U.S. after pleading guilty to money laundering and fraud tied to ransomware. Deniss Zolotarjovs, a Latvian national linked to the... Read more »
Hackers stole data of 119,000 Vimeo users in April. The breach, linked to a third‑party vendor, exposed personal details. Vimeo confirmed a data breach after the ShinyHunters gang stole... Read more »
