Arabian Post

ComfyUI breach wave targets AI servers

The activity centres on unauthenticated ComfyUI deployments and the platform’s custom node ecosystem, which lets users add ...
The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

Point Wild Releases Free LiteLLM Vulnerability Scanner Within 24 Hours of Supply Chain Attack

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...
GitHub

AI Repo Security Scanner

Note: Replace your-org and the repo name in the Tests badge URL with your GitHub org/repo to show CI status. A static application security testing (SAST) tool for scanning local source-code ...
GitHub

AI Web Vulnerability Scanner — V2

Three auth modes: form-based login (auto-detects the form, handles CSRF tokens), cookie injection, and Bearer/API token injection. The crawler and all detectors run with the authenticated session, so ...