The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

How I used Gemini to replace YouTube's missing comment alerts - in under an hour ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

The Lapsus$ extortion group has claimed the theft of 3GB of data from AstraZeneca, including internal code repositories and ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

Your old laptop is about to outwork that overpriced NAS box ...

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...