Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Supply chain attacks feel like they're becoming more and more common.

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

A malicious Python package masquerading as a legitimate Telegram development tool has been identified as a vehicle for remote code execution attacks, raising concerns about supply chain security ...

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...

TIOBE Index for March 2026: Top 10 Most Popular Programming Languages Your email has been sent Python keeps the top spot as its rating dips again, C climbs further in second, and the bottom stays ...