When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

LangChain and LangGraph have patched three high-severity and critical bugs.

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem.

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

President Donald Trump on Monday shared renderings of what his future presidential library could look like, offering a look into how the planned Florida-based center might eventually commemorate him.