The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...
TeamPCP strikes again, with almost identical code to LiteLLM.
LiteLLM Attack: How a Hacked Security Tool Became a Master Key to Thousands of AI Developer Machines
On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.
The scanners tasked with weeding out malicious contributions to packages distributed via the popular open source code repository Python Package Index (PyPI) create a significant number of false alerts ...
Thousands of applications that have taken advantage of open source Python Package Index (PyPI) software packages may be at risk of hijacking and subversion by malicious actors, opening up the ...
A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...
A security firm found three malicious Python libraries uploaded on the official Python Package Index (PyPI) that contained a hidden backdoor which would activate when the libraries were installed on ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results