Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
Infosecurity Magazine

Cursor Extension Flaw Exposes Developer API Keys

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...
CNET

Nothing to Watch on Netflix? These Secret Codes Unlock the Entire Library

It's frustrating to know there's a massive library of high-quality cinema available that you simply can't see because it ...

ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...

ARC Raiders: Where to Use the Riven Tides Classified Records Keycard

ARC Raiders just released their newest update for the extraction shooter game, and it's a sizable one. The major thing that's ...

Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by ...
The Security Ledger

How Claude Planted Malicious Code In A Crypto-Trading App

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...
Security Boulevard

10 Warning Signs Your Current Authentication Stack Is a Breach Waiting to Happen

Run a quick self-audit against 10 warning signs that your authentication stack has critical vulnerabilities. Each sign includes a diagnostic check, an explanation of why it's dangerous, and a concrete ...