The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing malware on ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The European Union’s (EU) newly appointed competition chief has sent a clear message to the Trump administration: political pressure will not derail investigations into American technology giants like ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

APERION (formerly LangSmart), the enterprise AI governance company, today announced the launch of the SmartFlow SDK, ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

This Windows 11 24H2 update download could quietly compromise your system and steal sensitive personal data, putting your system's privacy and security at serious risk.

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Shadow AI 2.0 isn’t a hypothetical future, it’s a predictable consequence of fast hardware, easy distribution, and developer ...

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.