Malicious campaign targets popular OpenWebUI AI interface to mine crypty and steal credentials

Cybernews researchers uncovered numerous OpenWebUI instances that were silently running malware.
Compare the Cloud

Open-Source AI Servers Hijacked with Cryptominers and Infostealers for Over a Year

The malicious scripts use a simple but effective obfuscation technique. The code repeatedly reverses byte sequences, decodes ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.
BusinessMirror

Discord draws ire over latest age-restriction policy

FILE – A display Discord stands at the company’s booth at the Game Developers Conference 2023 in San Francisco on March 22, 2023. A major leak of classified U.S. documents that’s shaken Washington and ...
WeLiveSecurity

Award-winning news, views, and insight from the ESET security community

Cloud VMs offer unmatched speed, scale and flexibility – all of which could eventually count for little if they’re left to fend for themselves ESET’s Jake Moore used smart glasses, deepfakes and face ...