SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

The Mythos Breach: Why Frontier Models Turn AI Safety Into A Fiduciary Responsibility

Frontier Models create new fiduciary responsibilities for corporate governance. Corporate boards need to understand the new ...
Arabian Post

MCP flaw rattles AI supply chain

Anthropic’s Model Context Protocol, a fast-growing standard used to connect AI models with external tools and data, has come ...

New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

Context decay, orchestration drift, and the rise of silent failures in AI systems

Enterprises are obsessing over model accuracy while ignoring the infrastructure layer where AI systems actually break.