Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

Supply chain attacks feel like they're becoming more and more common.

ShellGPT makes the terminal user-friendly, saving time by generating commands, automating scripts, and guiding me through tasks.

OpenAI announced they are extending the Responses API to make it easier for developer to build agentic workflows, adding ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...

Every time Lee Chong Ming publishes a story, you’ll get an alert straight to your inbox! Enter your email By clicking “Sign up”, you agree to receive emails ...