Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...

Supply chain attacks feel like they're becoming more and more common.

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

Astral tools and expertise will be leveraged in OpenAI Codex agentic coding app to expand AI capabilities across the software development life cycle.

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...

March 2026 TIOBE Index stays largely steady, with SQL and R swapping spots, as Paul Jansen explains why the index still ...