Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...
XDA Developers on MSN
A popular Python library just became a backdoor to your entire machine
Supply chain attacks feel like they're becoming more and more common.
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...
Old Python package comes back to life and delivers malicious payload Your email has been sent A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious ...
Do you want to uninstall the Python PIP package you installed sometime back but don’t know how? Sometimes, you may want to remove a package and its dependencies, because you no longer need it or ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results