Security teams are scrambling after two malicious releases of the Telnyx Python SDK were uploaded to PyPI on March 27, turning a widely used developer tool into a credential-stealing backdoor that ...
Another big drawback: Any modules not written in pure Python can’t run in Wasm unless a Wasm-specific version of that module ...
The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...
JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...
LangChain and LangGraph, two popular open source frameworks for building AI apps, contained high-severity and critical ...
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...
Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...
Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results