Security Boulevard

Which Came First: The System Prompt, or the RCE?

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

AI & Tech Brief: The cybersecurity gold rush

Cybersecurity and tech firms are positioning themselves to capture the exploding market for AI “governance.” Why leading ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

Cloudflare’s new Dynamic Workers ditch containers to run AI agent code 100x faster

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...
WinBuzzer

Mozilla Launches Cq as ‘Stack Overflow for AI Agents’

Mozilla AI has launched cq, an open-source platform described as Stack Overflow for AI agents, sparking immediate security ...
Digital Production

Handy RefTool 3.0 speeds Maya ref matching

RefTool brings reference camera controls into one Maya UI, with free and paid versions plus JSON export for reusable setups.