The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

How I used Gemini to replace YouTube's missing comment alerts - in under an hour ...

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...

LangChain and LangGraph have patched three high-severity and critical bugs.

Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a ...

Learn how to protect Model Context Protocol (MCP) from quantum-enabled adversarial attacks using automated threat detection ...