Supply chain attacks feel like they're becoming more and more common.

OpenAI’s new ChatGPT file library makes saved files easier to reuse, but deleting a chat no longer deletes the files inside ...

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

Karpathy proposes something simpler and more loosely, messily elegant than the typical enterprise solution of a vector ...

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...

Independent researcher Simon Willison raises questions about hidden Series A and B rounds, investor windfalls, and whether a key piece of Python infrastructure just became a competitive weapon in the ...

Uploads bring prompts and responses, but not project files, attachments, or AI-generated images. The rollout skips the UK, ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

The primary condition for use is the technical readiness of an organization’s hardware and sandbox environment.

Since February, cryptographer Nadim Kobeissi has been trying to get code fixes applied to Rust cryptography libraries to address what he says are critical bugs. For his efforts, he's been dismissed, ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...