The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package ...
Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...
APERION (formerly LangSmart), the enterprise AI governance company, today announced the launch of the SmartFlow SDK, ...
Anthropic exposed Claude Code source on npm, revealing internal architecture, hidden features, model codenames, and fresh ...
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing developers to credential theft, ...
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials such as environment variables, SSH keys, and passwords.
New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...
10h
Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot
Shadow AI 2.0 isn’t a hypothetical future, it’s a predictable consequence of fast hardware, easy distribution, and developer ...
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results