The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing malware on ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

TeamPCP strikes again, with almost identical code to LiteLLM.

Claude, the AI chatbot from Anthropic, experienced a significant outage on Monday evening, impacting login and connection issues across its services including Claude.ai, API, and Claude Code. The ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...