The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Point Wild Releases Free LiteLLM Vulnerability Scanner Within 24 Hours of Supply Chain Attack

Point Wild, a leading global provider of AI-powered cybersecurity, today announced the immediate release of a free security tool, who-touched-my-packages (wtmp) – to provide developers visibility into ...

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
ZDNet

Malicious Python libraries targeting Linux servers removed from PyPI

A security firm found three malicious Python libraries uploaded on the official Python Package Index (PyPI) that contained a hidden backdoor which would activate when the libraries were installed on ...
Dark Reading

Python-Based Bot Scanner Gorging on Recon Intel

A new Python-based bot scanner is snaking its way through Internet resources, seeking out exposed Web services and default passwords on critical network resources. The information grab doesn't yet ...
Analytics Insight

How AI Is Reshaping the Way Python Developers Write and Secure Code

Python is now one of the fastest-growing programming languages being used globally and supports machine-learning-based ...