Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...
Infosecurity Magazine

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
WinBuzzer

90% of Claude Code Output Lands in Low-Star GitHub Repos

Anthropic's Claude Code has surpassed 20 million GitHub commits, but 90% of output has landed in repos with fewer than two ...
The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...
BeInCrypto

How to Build Your First Crypto Bot For Free — No Coding Required

You don't need to be a developer to build your own crypto bot. Here's how traders are doing it in 30 minutes, for free.
CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching ...

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

OpenAI's Astral deal reveals hidden funding rounds, investor windfall: AI researcher Simon Willison

Independent researcher Simon Willison raises questions about hidden Series A and B rounds, investor windfalls, and whether a ...

Panther rolls out AI SOC Platform with agents that learn and improve over time

Security monitoring platform company Panther Labs Inc. today announced the general availability of its complete AI SOC Platform, a new security operations service where artificial intelligence agents ...
Blockonomi

OpenAI Acquires Python Toolmaker Astral to Bolster Codex Against Claude Code

OpenAI acquires Astral, the Python toolmaker, to enhance Codex AI coding assistant as it competes with Anthropic's Claude ...