With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
The FBI says a man who crashed his pickup truck into a Detroit-area synagogue earlier in March was carrying out an attack ...
The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software ...
During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...
On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...
AI is burying open source maintainers under a flood of automated security reports they don't have the time or tools to ...
A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...
The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results