TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...

Python is one of the most popular high-level, general-purpose programming languages. Named after the comedy troupe Monty ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

OpenAI’s new ChatGPT file library makes saved files easier to reuse, but deleting a chat no longer deletes the files inside ...

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software ...

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Generative AI with .NET from SDKs and streaming to tools and agents: an overview of OpenAI, Azure, and the new Microsoft ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Supply chain attacks feel like they're becoming more and more common.