Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
TeamPCP hackers say AI helped them launch a devastating spree of attacks. But they wouldn’t have succeeded if developers’ security hadn’t been so weak in the first place.
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
The common assumption among iPhone security experts has been that finding vulnerabilities and developing exploits for iOS was ...
Unmasking impostors is something the art world has faced for decades, and there are valuable lessons from the works of Elmyr de Hory that can apply to the world of defensive cybersecurity. During the ...
In 2024, as Anthropic suggested at the time, the feature wasn’t really ready for productive use — it was genuinely crazy to watch work but also slow, error-prone, and prone to quickly losing track of ...
Security feeds and traffic cameras have helped guide some of the most audacious targeted killings in modern history. Security ...
CNN exposes an online network of men encouraging each other to drug and assault their partners, and swap tips on how to get away with it.
A practical, hands-on guide to navigating deepfake technology and reducing the risks it poses to your business.
LiteLLM Attack: How a Hacked Security Tool Became a Master Key to Thousands of AI Developer Machines
On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.
After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.
LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of credential-harvesting malware to thousands of AI developers.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results