The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

OpenAI acquires Astral, the Python toolmaker, to enhance Codex AI coding assistant as it competes with Anthropic's Claude Code and Cursor.

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.

March 19 (Reuters) - OpenAI said on Thursday it will acquire Python toolmaker Astral, as the ChatGPT ​owner looks to ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide persistence and lateral spread.

Students showcase solutions such as AI fridges, VR heritage trails and carbon bricks to address climate change, sustainable ...

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.