SecurityWeek

Telnyx Targeted in Growing TeamPCP Supply Chain Attack

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
Security Boulevard

Payouts King Takes Aim at the Ransomware Throne

IntroductionIn February 2022, BlackBasta emerged as a successor to Conti ransomware and quickly rose to prominence. BlackBasta was operational for three years until February 2025 when their internal ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
Security Boulevard

Stateless Hash-Based Signatures for AI Model Weight Integrity

You gotta build a "digital twin" of the mess you're actually going to deploy into, especially with stuff like mcp (model context protocol) where ai agents are talking to data sources in real-time.
CNX Software

ESP32-S3 gets post-quantum encryption with Aethyr Edge Node open-source firmware

Aethyr Research has released post-quantum encrypted IoT edge node firmware for ESP32-S3 targets that boots in 2.1 seconds and ...
eLife

Modality-agnostic decoding of vision and language from fMRI

Modality-agnostic decoders leverage modality-invariant representations in human subjects' brain activity to predict stimuli irrespective of their modality (image, text, mental imagery).
Infosecurity Magazine

How Security Leaders Can Safeguard Against Vibe Coding Security Risks

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...