The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...
Dark Reading

TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials.

Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.
News9Live on MSN

LiteLLM security alert: AI tool with 97 million downloads faces supply chain hack

LiteLLM, a widely used AI developer tool, was hit by a supply chain attack through a malicious PyPI release. The malware stole credentials, spread across systems, and crashed machines. The incident ...