FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

Thanks to the student council members at Pine Tree ISD’s Birch Elementary School, 71 East Texas youth in foster care will have something to look forward to on their birthday. With the help of the ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials.

infosec in brief The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing ...

TeamPCP strikes again, with almost identical code to LiteLLM.

TeamPCP has again expanded its supply chain attacks on open-source repositories by targeting Telnyx, according to security researchers. The cyber threat group recently rose to notoriety by uploading ...

TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.

LiteLLM ' was subjected to a supply chain attack, and it has been discovered that a malware version containing malicious modifications was temporarily distributed. It has also been found that the ...

LiteLLM, a widely used AI developer tool, was hit by a supply chain attack through a malicious PyPI release. The malware stole credentials, spread across systems, and crashed machines. The incident ...

A widely used Python package with more than 95 million monthly downloads has been compromised with credential-stealing malware, expanding the ongoing supply chain campaign linked to the TeamPCP threat ...