A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Supply chain attacks feel like they're becoming more and more common.

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

A gold coin, a massive ballroom, a towering arch, a remade Kennedy Center--the gaudy, gilded aesthetic of the Trump era is ...

OpenAI acquires Python toolmaker Astral to boost its AI development ecosystem. Discover how this strategic move enhances high ...

Gesture control robotics replaces traditional buttons and joysticks with natural hand movements. This approach improves user ...

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

With more and more AI services available globally, it's getting hard to keep them all straight, which is why an app like Noi ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...