Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...

Microsoft patched a Microsoft 365 Android flaw that exposed account tokens across six apps. Here’s what IT teams should check ...

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Near Protocol will introduce dynamic resharding in June, allowing the blockchain to automatically add shards as demand grows without human intervention. The upgrade aims to boost scalability for an AI ...

When it comes to AI, tokens are the coin of the realm. Here’s how to understand their importance to both users and AI vendors. Google has only one way to measure the phenomenal AI growth it’s seen: in ...

You're currently following this author! Want to unfollow? Unsubscribe via the link in your email. Peter Steinberger is on a token spending spree. On Friday, the creator of OpenClaw posted a screenshot ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

The Weaviate incident in 2025 illustrated this clearly. A researcher discovered an exposed OpenAI API key in a public ...

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...