As AI coding assistants invent nonexistent software libraries to download and use, enterprising attackers create and upload libraries with those names—laced with malware, of course.

DaVita has not named the ransomware group behind the incident or share details on the attacker’s ransom demands. The post Kidney Dialysis Services Provider DaVita Hit by Ransomware appeared first on SecurityWeek.

The business services provider confirms personal information such as names and Social Security numbers was stolen in a January cyberattack. The post Conduent Says Names, Social Security Numbers Stolen in Cyberattack appeared first on SecurityWeek.

In fresh filings, Landmark Admin and Young Consulting say data breaches back in 2024 impacted more people than initially estimated. The post 2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches appeared first on SecurityWeek.

China accuses three alleged U.S. NSA operatives of cyberattacks targeting critical infrastructure and the Asian Games in Harbin. The post China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games appeared first on SecurityWeek.

The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April. The post Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities appeared first on SecurityWeek.

Trend Micro researchers flagging problems with Nvidia’s patch for a critical, code execution vulnerability in the Nvidia Container Toolkit. The post Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed appeared first on SecurityWeek.

This is a current list of where and when I am scheduled to speak: I’m giving an online talk on AI and trust for the Weizenbaum Institute on April 24, 2025 at 2:00 PM CEST (8:00 AM ET). The list is maintained on this page.