Прочитали GitHub - написали вирус. Первая эксплуатация SSRF в инструменте для запуска моделей
Хакеры «зашли» в LMDeploy всего через 12 часов после публикации CVE.
Signal weather
Stable
The story has moved beyond the first headline and now acts as a reliable context anchor.
Stay on the signal
Follow Прочитали GitHub - написали вирус. Первая эксплуатация SSRF в инструменте для запуска моделей
Follow this story beyond a single article: new follow-ups, adjacent sources, and the evolving storyline.
Story map
Understand this topic fast
A quick entry into the story: why it matters now, who is involved, and where to go next for context.
Why it matters now
Topic constellation
Open the live map for this story
See which entities, story threads, sources, and follow-up articles shape this story right now.
Click nodes to continue
Story timeline
Continue with this story
A short sequence of events and follow-up stories to understand the arc quickly.
How reliable this looks
Signal and trust for SecurityLab
This source works at a rapid pace: 100% of recent stories land in the hot window, and 0% carry visible search signal.
Reliability
92
Freshness
100
Sources in storyline
2
Related articles
More stories that share tags, source, or category context.
ИИ теперь не только пишет код, но и ворует пароли и крипту. Новая «фича» через GitHub
Около 10000 поддельных репозиториев на GitHub распространяют трояны.
Signal weather
Momentum is building quickly, so this card is a good early entry point into the topic.
Why now
Fresh coverage with immediate momentum.
Ask HN: Due to spam on GitHub, what platforms can I move my projects?
Comments
Signal weather
Momentum is building quickly, so this card is a good early entry point into the topic.
Why now
Fresh coverage with immediate momentum.
Фото ваше, код чужой. Почему интерфейсу GitHub больше нельзя верить на слово
Платформа отказывается исправлять уязвимость ради мнимого удобства.
Signal weather
Momentum is building quickly, so this card is a good early entry point into the topic.
Why now
Fresh coverage with immediate momentum.
I found 10k GitHub repositories distributing Trojan malware
Comments
Signal weather
Momentum is building quickly, so this card is a good early entry point into the topic.
Why now
Fresh coverage with immediate momentum.
More from SecurityLab
Fresh reporting and follow-up coverage from the same newsroom.
Новая волна взломов в WhatsApp распространяется через списки контактов
Атака начинается с обычного вложения, которому слишком легко поверить.
Signal weather
Momentum is building quickly, so this card is a good early entry point into the topic.
Why now
Fresh coverage with immediate momentum.
Вы скачали фильм на вечер, а домашний сервер уже выполняет чужие команды. Механика уязвимости PixelSmash в FFmpeg
Ошибка в декодере показала, насколько опасной бывает доверенная обработка чужих файлов.
Signal weather
Momentum is building quickly, so this card is a good early entry point into the topic.
Why now
Fresh coverage with immediate momentum.
Agentjacking: когда обычный лог об ошибке превращает ИИ-помощника в исполнителя чужих приказов
Разработчики всё чаще доверяют рутину автоматике, но новая схема показывает — так делать не стоит.
Signal weather
Momentum is building quickly, so this card is a good early entry point into the topic.
Why now
Fresh coverage with immediate momentum.
«Squidbleed — новый Heartbleed?» Уязвимость в популярном прокси почти три десятилетия раскрывала данные пользователей
Как ошибка 1997 года смогла дожить до 2026-го?
Signal weather
Momentum is building quickly, so this card is a good early entry point into the topic.
Why now
Fresh coverage with immediate momentum.