今週、複数のAIモデルへのリクエストをルーティングするために開発者が使用するオープンソースライブラリLiteLLMがサプライチェーン攻撃を受けた。LiteLLMのインシデント報告書とDatadogによる後の分析によると、悪意あるコードを含む ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

This Udemy Python course covers basic Python concepts like variables, loops, and functions. You’ll learn about more advanced ...

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.