The Hacker News

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Three LangChain flaws enable data theft across LLM apps, affecting millions of deployments, exposing secrets and files.

Point Wild Releases Free LiteLLM Vulnerability Scanner Within 24 Hours of Supply Chain Attack

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

API proficiency in ChatGPT fetches Rs 30 lakh avg salary in India: Report

Developers with API-level expertise in AI tools such as ChatGPT from OpenAI earn an average salary of Rs 30.3 lakh in India, ...
Liliputing

Motorola plans to ship phones with GrapheneOS (Google-free, security-hardened Android)

GrapheneOS is an open source, Android-based operating system that puts an emphasis on privacy and security features. It’s been stripped of Google apps and services and includes replacements including ...
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...
Bleeping Computer

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. The activity has been ongoing since at ...
Security

APi Group Completes Acquisition of CertaSite

APi Group Corp. announced it has completed its acquisition of CertaSite, a Midwest-based fire and life safety services provider. The deal, which closed on February 2, brings an inspection-focused ...
Reuters

'Moltbook' social media site for AI agents had big security hole, cyber firm Wiz says

WASHINGTON, Feb 2 (Reuters) - A buzzy new social network where artificial intelligence-powered bots appear to swap code and gossip about their human owners had a major flaw that exposed private data ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

Infostealer threats are rapidly expanding beyond traditional Windows-focused campaigns, increasingly targeting macOS environments, leveraging cross-platform languages such as Python, and abusing ...
VentureBeat

OpenClaw proves agentic AI works. It also proves your security model doesn't. 180,000 developers just made that your problem.

OpenClaw, the open-source AI assistant formerly known as Clawdbot and then Moltbot, crossed 180,000 GitHub stars and drew 2 million visitors in a single week, according to creator Peter Steinberger.
Seeking Alpha

Radware Launches a New End-to-End API Security Service Delivering Runtime Protection and Posture Management of APIs

MAHWAH, N.J., Jan. 20, 2026 (GLOBE NEWSWIRE) -- Radware (RDWR) ® (NASDAQ: RDWR), a global leader in application security and delivery solutions for multi-cloud environments, today announced the launch ...