After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Microsoft’s geospatial data service is designed to help research projects using public satellite and sensor information.

Supply chain attacks feel like they're becoming more and more common.

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

DNS flaw in Amazon Bedrock and critical AI vulnerabilities expose data and enable RCE, risking breaches and infrastructure ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

A 12th-grade student in Thanh Hoa Province has been accused of developing malicious software and selling it to cybercrime ...

A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to ...