12:58
2026-06-26
nesbitt.io
ai-safety
Incident CVE-2026-LGTM
A malicious package named foxhole-lz4 bypassed seven AI-powered security gates on the creats.io registry, exfiltrating credentials for 96 hours before being resolved by treaty. The incident, which affโฆ