Arcjet Launches Python SDK to Bring Application-Layer Security to Python Services and APIs

Arcjet today announced the release of its new Python SDK, extending Arcjet's application-layer security platform to Python-based services and APIs. The new SDK enables teams building with Python to ...
GovInfoSecurity

Flaw in AI Libraries Exposes Models to Remote Code Execution

Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by ...
The Register on MSN

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ...
GitHub

Advanced Keylogger with Daily Log Rotation

A sophisticated, cross-platform keylogger written in Python with advanced features including AES-256 encryption, silent background operation, automatic startup/restart capabilities, and daily log ...
GitHub

Global Fishing Watch API Python Client

Map Visualization (4Wings API): Access AIS apparent fishing effort, AIS vessel presence, and SAR vessel detections between 2017 to ~5 days ago. Vessels API: Search and retrieve vessel identity based ...
IEEE

Graph Neural Networks for Physical-Layer Security in Multi-User Flexible-Duplex Networks

Abstract: This paper explores Physical-Layer Security (PLS) in Flexible Duplex (FlexD) networks, considering scenarios involving eavesdroppers. Our investigation revolves around the intricacies of the ...
Bleeping Computer

IBM warns of critical API Connect auth bypass vulnerability

IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely. API Connect is an application ...
IEEE

Network Security Threat Intelligence Modeling Based on Knowledge Graph

Abstract: Knowledge graph, as a form of efficient organization of entities and concepts, can organize scattered distributed data and provide support for data analysis and knowledge reasoning for ...
The Hacker News

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2 ...
Forbes

The Future Of API Protection: Why Web And API Security Work Better Together

APIs are powering the new agentic era and underpinning nearly every digital platform from customer apps to back-end integrations. But as they multiply, they are expanding the attack surface ...
Bleeping Computer

Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. A fork of ...
The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every ...