TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
TeamPCP, the threat actor behind the recent compromises of Trivy and KICS,…
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
Ravie LakshmananMar 21, 2026Malware / Threat Intelligence The threat actors behind the…
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
Ravie LakshmananMar 16, 2026Malware / Cryptocurrency The GlassWorm malware campaign is being…
Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection
Dec 26, 2025Ravie LakshmananAI Security / DevSecOps A critical security flaw has…
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code…
Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices
Cybersecurity researchers have disclosed details of a new campaign that leverages a…
Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown
Oct 02, 2025Ravie LakshmananPython / Malware Cybersecurity researchers have flagged a malicious…
How to Stop Python Supply Chain Attacks—and the Expert Tools You Need
Aug 07, 2025The Hacker NewsDevSecOps / Supply Chain Security Python is everywhere…
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally
Aug 04, 2025Ravie LakshmananMalware / Browser Security Cybersecurity researchers are calling attention…