TeamPCP strikes again, with almost identical code to LiteLLM.

A widely used Python package with more than 95 million monthly downloads has been compromised with credential-stealing malware, expanding the ongoing supply chain campaign linked to the TeamPCP threat ...

Vivo is gearing up to launch its flagship X300 series in India, with the X300 Ultra and X300 FE set to arrive soon. Following their international debut, both devices have been officially confirmed for ...

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials.

When Nandakishore Leburu was building LLM applications at LinkedIn, he learned that the models weren't the problem. The ...

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem.

RippleX joins MoonPay's Open Wallet Standard Hackathon with XRPL and RLUSD challenge tracks targeting agentic finance and ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...