A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

My reliable, low-friction self-hosted AI productivity setup.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

'Open Sesame' goes my wallet ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Thinking about learning Python coding online? It’s a solid choice. Python is pretty straightforward to pick up, ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

OpenAI’s new ChatGPT file library makes saved files easier to reuse, but deleting a chat no longer deletes the files inside ...

The middles of novels are very hard to write, but the middle of stories are where everything changes,’ says the author.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...