Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

APERION (formerly LangSmart), the enterprise AI governance company, today announced the launch of the SmartFlow SDK, ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in a supply chain attack. ShinyHunters leaked the data.

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

AI hiring startup Mercor confirmed it was "one of thousands of companies" affected by the LiteLLM supply-chain attack as the ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

Six generations have maintained the same family-owned factory where all Carmina shoes are made using the finest artisan ...

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...