The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

PCWorld demonstrates how OpenAI’s Codex can generate a complete personal homepage in just 56 seconds using simple prompts and ...

Scientists used the quipu’s data to build working spreadsheets, file systems, and encryption tools, rivaling conventional computing methods.

Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate rapid incident response and secret remediation.

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and subsequent malicious Docker images. The group has been observed running a ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and enabling remote control.

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...

Nvidia led a week of big AI moves, major security threats, app ecosystem changes, and tech industry shakeups across Apple, Google, Meta, Microsoft, and OpenAI.