Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...

Supply chain attacks feel like they're becoming more and more common.

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Better AI interfaces, especially agents and mobile-linked tools, may unlock capability more than bigger models.

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...