InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...
The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

The New Power Tool For Knowledge Workers May Be Building An AI Chief Of Staff

A viral post about an AI chief of staff signals something bigger than productivity software. It signals a new class of worker ...

ComfyUI servers: Attackers turn instances into a cryptominer proxy botnet

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.

'No more tears': Former Sen. Ben Sasse talks frankly about his terminal cancer diagnosis

Ben Sasse, who served Nebraska for eight years in the U.S. Senate, spoke openly this week about living — and dying — with ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
CSO OnlineOpinion

LLM-generated passwords are indefensible. Your codebase may already prove it

Stop letting AI pick your passwords. They follow predictable patterns instead of being truly random, making them easy for ...