The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

Anthropic introduces “repeatable routines” in Claude Code, bringing AI-powered automation and a redesigned workspace to ...

TeamPCP strikes again, with almost identical code to LiteLLM.

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Build your first fully functional, Java-based AI agent using familiar Spring conventions and built-in tools from Spring AI.

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software packages, to distribute a cross-platform, ...

For radical, picture me skateboarding ungainly while installing Linux - or, to be more precise CachyOS - on my PC. Windows 11 ...