The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing malware on ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

TeamPCP strikes again, with almost identical code to LiteLLM.

Claude, the AI chatbot from Anthropic, experienced a significant outage on Monday evening, impacting login and connection issues across its services including Claude.ai, API, and Claude Code. The ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

The IT security company NetKnights has released version 3.13 of its multi-factor authentication software, privacyIDEA ...