The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

OpenAI announced they are extending the Responses API to make it easier for developer to build agentic workflows, adding ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

GameSpot may get a commission from retail offers. Marathon has plenty of contracts for you to tackle, and one of them will task you with finding where to download data from the terminal inside south ...

Threats actors pounced on the vulnerability within hours of its disclosure, demonstrating that organizations have little time ...

This article introduces practical methods for evaluating AI agents operating in real-world environments. It explains how to ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

The open-source tool promises hands-free automation, but users may find it costly, complex, and less practical than expected.

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...