ComfyUI servers: Attackers turn instances into a cryptominer proxy botnet

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
CIO

Understanding tokenization and consumption in LLMs

At the core of these advancements lies the concept of tokenization — a fundamental process that dictates how user inputs are interpreted, processed and ultimately billed. Understanding tokenization is ...
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...
TechAnnouncer

Leveraging LinkedIn Data for Generative AI Improvement: A Comprehensive Guide

Companies and researchers can use aggregated, anonymized LinkedIn data to spot trends in the job market. This means looking ...
Cybernews

Hackers siphon data from 5M hotel guests, feeding it live onto Telegram

Cybernews research has uncovered a massive operation that was siphoning booking data from Spanish and Austrian hospitality ...
Geopolitical Monitor

Distributed Risk: Open-Source Software as Strategic Infrastructure

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...
The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
Bleeping Computer

Cisco source code stolen in Trivy-linked dev environment breach

Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to ...
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...
TechRepublic

TIOBE Index for April 2026: Top 10 Most Popular Programming Languages

TIOBE Index for April 2026: Top 10 Most Popular Programming Languages Your email has been sent Python remains on top despite another dip; C gains ground in second place, and April keeps the same top ...