The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

Supply chain attacks feel like they're becoming more and more common.

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as ...

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log ...

If you’re wrangling financial data, the choice between PDF and CSV formats can seriously impact your workflow. PDFs look ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

Model selection, infrastructure sizing, vertical fine-tuning and MCP server integration. All explained without the fluff. Why Run AI on Your Own Infrastructure? Let’s be honest: over the past two ...

IntroductionOn March 1, 2026, ThreatLabz observed new activity from a China-nexus threat actor targeting countries in the Persian Gulf region. The activity took place within the first 24 hours of the ...