Ajax data breach exposed season tickets, supporter bans open to tampering
AFC Ajax, the Dutch football club from Amsterdam, disclosed that an unknown hacker gained access to parts of its IT systems and obtained the email…
Category: HelpnetSecurity
TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware
TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software…
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection…
AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure
Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new…
Make OpenAI’s models misbehave and earn a reward
OpenAI’s public Safety Bug Bounty program focuses on AI abuse and safety risks across its products. The goal is to support safe and secure systems…
GitHub jumps on the bandwagon and will use your data to train AI
GitHub updated how it uses data to improve AI-powered coding assistance. Starting April 24, interaction data from Copilot Free, Pro, and Pro+ users may be…
Second RedLine infostealer operator ends up in US custody
Hambardzum Minasyan, an Armenian man extradited to the United States, is accused of conspiring with others to develop and operate the RedLine infostealer malware used…
Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks
Telecommunications providers around the world have been dealing with the burrowing efforts of the China-linked Salt Typhoon APT for many years now. To help them…
AI SOC vendors are selling a future that production deployments haven’t reached yet
Vendors selling AI-powered security operations platforms have built their pitches around a consistent set of promises: autonomous threat investigation, dramatic reductions in analyst workload, and…
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose…
Vorlon adds forensics and response to secure AI agents
Vorlon has unveiled AI Agent Flight Recorder and AI Agent Action Center, adding forensics and coordinated response to secure enterprise agentic ecosystems and close a…
Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars
A Russian national has been sentenced to 24 months in prison after admitting he managed a botnet used to launch ransomware attacks against dozens of…