Bleeping Computer

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Windows is finally fixing a years-old security hole in April

In April 2026, Microsoft is blocking old kernel drivers in Windows, closing a vulnerability that's been exploited for years.

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

I built a web page with OpenAI’s Codex in 5 minutes. Here’s how

PCWorld demonstrates how OpenAI’s Codex can generate a complete personal homepage in just 56 seconds using simple prompts and ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

How to Set Up NVIDIA NemoClaw the Right Way

Learn how to install and configure NVIDIA NemoClaw with our complete step-by-step guide. Follow these easy instructions to ...
CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Dark Reading

Cyber OpSec Fail: Beast Gang Exposes Ransomware Server

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as ...

For March, Patch Tuesday delivers fixes for 83 vulnerabilities

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.
InfoWorld

19 large language models redefining AI safety—and danger

Whether you are looking for an LLM with more safety guardrails or one completely without them, someone has probably built it.