Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Supply chain attacks feel like they're becoming more and more common.

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

CNCF launches Dapr Agents v1.0 at KubeCon EU, prioritizing crash recovery and durability over intelligence. Zeiss validates ...

Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate ...

The Trivy story is moving quickly, and the latest reporting makes one thing clear: this is no longer just a GitHub Actions ...

网络安全研究人员发现了GlassWorm攻击活动的新演变，该活动部署了一个多阶段框架，能够进行全面的数据窃取并安装远程访问木马 (RAT)，该木马会部署一个伪装成Google文档离线版本的信息窃取Google Chrome扩展程序。