Chainlit AI framework bugs let hackers breach cloud environments

Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, ...
InfoWorld

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ...

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
Security Boulevard

APT Attacks Target Indian Government Using GOGITTER, GITSHELLPAD, and GOSHELL | Part 1

IntroductionIn September 2025, Zscaler ThreatLabz identified two campaigns, tracked as Gopher Strike and Sheet Attack, by a threat actor that operates in Pakistan and primarily targets entities in the ...
News Medical

timsTOF - Next generation ion mobility separation from Bruker

Ion mobility is a powerful extension to mass spectrometry that delivers information about the three dimensional structure of an ion, and increases peak capacity and confidence in compound ...