LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

OVHcloud founder Octave Klaba and security researchers dismiss claims that hackers stole 590TB of data, citing a lack of ...

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...