TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package ...

APERION (formerly LangSmart), the enterprise AI governance company, today announced the launch of the SmartFlow SDK, ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software ...

A widely used Python package with more than 95 million monthly downloads has been compromised with credential-stealing ...

Point Wild, a leading global provider of AI-powered cybersecurity, today announced the immediate release of a free security tool, who-touched-my-packages (wtmp) – to provide developers visibility into ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...