GitHub developers targeted by fake VS Code alerts spreading malware

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...

Top LLM PyPl package compromised to steal user details - here's what we know

Popular Python package LiteLLM compromised in supply chain attack Malicious updates (v1.82.7, v1.82.8) deployed TeamPCP Cloud Stealer infostealer Attack harvested cloud credentials, Kubernetes secrets ...