Source: Schneier on Security | Severity: HIGH | Score: 8.2 | Frameworks: MITRE ATLAS, OWASP

Python Supply-Chain Compromise

A malicious supply-chain compromise was discovered in litellm version 1.82.8, a widely used Python library that serves as a unified interface for interacting with large language model APIs. The …

AML.T0010 - ML Supply Chain Compromise
AML.T0018 - Backdoor ML Model
AML.T0047 - ML-Enabled Product or Service