Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

Supply chain attacks feel like they're becoming more and more common.

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...