Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...
Decrypt

OpenAI Finally Explains Why ChatGPT Wouldn't Stop Talking About Goblins

Why did OpenAI have to write "never mention goblins" into its production code on ChatGPT? The company has published a ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

OpenAI explains its goblin and gremlin infestation

OpenAI included a line in Codex's instructions restricting references to goblins, gremlins, trolls, and ogres. It also ...
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...