Supply chain attacks feel like they're becoming more and more common.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

QR codes are widely used in entry and exit systems for various events to monitor the number of participants and ensure that ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...

The primary condition for use is the technical readiness of an organization’s hardware and sandbox environment.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Securing dynamic AI agent code execution requires true workload isolation—a challenge Cloudflare’s new API was built to solve ...

Victims are coaxed into a Quick Assist session that drops a digitally signed Microsoft Installer (MSI). This slips in a third-party-signed dynamic link library (DLL) to trigger sideloading and deploy ...

Cloud attacks are getting faster and deadlier - here's your best defense plan ...