Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide persistence and lateral spread.
After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.
The primary condition for use is the technical readiness of an organization’s hardware and sandbox environment.
Enterprises must move beyond prevention to prioritize identity resilience, rapid containment, and recovery as core ...
If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.
LiteLLM Attack: How a Hacked Security Tool Became a Master Key to Thousands of AI Developer Machines
On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.
Dotty Dumpling’s Dowry in Madison, Wisconsin is the kind of place that makes you wonder if someone lost a bet when naming it, ...
OpenAI Group PBC today announced plans to acquire Astral Software Inc., a startup with a set of widely used Python development tools. The terms of the deal were not disclosed. Astral’s development ...
Nvidia's Nemotron-Cascade 2 is a 30B MoE model that activates only 3B parameters at inference time, yet achieved gold medal-level performance at the 2025 IMO, IOI, and ICPC World Finals. Nvidia has ...
OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...
OpenAI acquires Astral, the Python toolmaker, to enhance Codex AI coding assistant as it competes with Anthropic's Claude Code and Cursor.
Trivy backdoored, FBI buys location data, iOS DarkSword kit, WhatsApp usernames, Langflow RCE, Cisco FMC zero-day & critical ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results