Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...

Device drivers are the programs that enable computers to communicate with installed hardware such as scanners. When a computer does not recognize an otherwise functioning scanner that is connected to ...

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

Update: Article updated with comments from security researchers who believe this should not be considered a vulnerability. Update 2: CERT has retracted its bulletin and MITRE has rejected the CVE on ...