In the fast-evolving world of AI, security flaws can turn helpful tools into gateways for serious breaches.
A recent discovery highlights a server-side request forgery (SSRF) vulnerability in ChatGPT's "Actions" feature, which affects custom GPTs in OpenAI's popular chatbot.
This flaw allows attackers to...
The study targeted 50 prominent AI companies from the Forbes AI 50 list, excluding those without a GitHub presence. Shockingly, 65% nearly two-thirds showed verified secret leaks.
These include API keys, tokens, and credentials for platforms like Perplexity, Weights & Biases, Groq, and NVIDIA,...
GitHub has unveiled a comprehensive strategy to enhance npm’s security in response to a surge in malicious package registry attacks.
Following the self-propagating Shai-Hulud worm that infiltrated popular JavaScript packages on September 14, the platform is rolling out a series of measures aimed at preventing...
Cloudflare today revealed that its autonomous defenses mitigated the largest distributed denial-of-service (DDoS) attack ever recorded, peaking at a staggering 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps).
This hyper-volumetric strike eclipses the previous UDP flood record of 11.5 Tbps,...
Security researchers at GitGuardian have uncovered a sophisticated supply chain attack dubbed "GhostAction" that compromised 327 GitHub users across 817 repositories, successfully stealing 3,325 sensitive developer secrets.
The attack, discovered on September 5, 2025, represents one of the largest documented cases of malicious GitHub...