The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

Threats actors pounced on the vulnerability within hours of its disclosure, demonstrating that organizations have little time ...

The common assumption among iPhone security experts has been that finding vulnerabilities and developing exploits for iOS was ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

Popular Python package LiteLLM compromised in supply chain attack Malicious updates (v1.82.7, v1.82.8) deployed TeamPCP Cloud Stealer infostealer Attack harvested cloud credentials, Kubernetes secrets ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

A widely used Python package with more than 95 million monthly downloads has been compromised with credential-stealing ...

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability ...