CPO Magazine

Axios Supply Chain Attack Hits OpenAI: Users Urged to Update macOS Certificates

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...

No-JavaScript fallbacks in 2026: Less critical, still necessary

Rendering isn’t always immediate or complete. Learn where no-JavaScript fallbacks still protect critical content, links, and ...

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...

LinkDaddy LLC Launches AI Verified to Solve SME Knowledge Graph Exclusion

AI Verified gives any registered business the machine-readable identity AI systems need to find and cite them — solving the ...

Google May Expand Unsupported Robots.txt Rules List

Google may expand its unsupported robots.txt rules list using HTTP Archive data and could broaden how it handles common ...
GovInfoSecurity

Grafana AI Bug Leaks Data With Zero-Click Exploit

A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.

Nginx 1.30 changes default proxy behavior

ECH encrypts the TLS handshake, backends speak HTTP/2, and Multipath TCP uses multiple network paths in parallel.
SecurityWeek

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.
The Hacker News

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

According to Cisco Talos, it's these URL-exposed webhooks – which make use of the same *.app.n8n [.]cloud subdomain – that ...

OpenAI flags third-party data issue — all macOS users should update now

OpenAI rotated certificates and updated its apps out of an abundance of caution.

Aikido Security Launches Endpoint Protection for Developer Devices as Software Supply Chain Attacks Hit Unprecedented Scale

GHENT, Belgium, April 20, 2026 (GLOBE NEWSWIRE) -- Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software supply chain attacks by ...