Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

The Inca May Have Invented the World’s First Computer System—600 Years Ago

Scientists used the quipu’s data to build working spreadsheets, file systems, and encryption tools, rivaling conventional ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...

Anvilogic Launches Agentic Workflow Automation for AI SOC

Anvilogic launches Blueprints workflow automation for AI SOC at RSA 2026.

Oracle’s Java 26 and the AI Question: Can Legacy Keep Pace with Modern Demands?

Oracle’s Java 26 advances AI readiness, security, and performance while maintaining enterprise stability, reflecting a ...
Unite.AI

A 1970s Vibe to Energy-Conserving AI Monitoring

New research shows most video AI does not need color at all, switching it on only at key moments and cutting data use by over ...
Security Boulevard

Which Came First: The System Prompt, or the RCE?

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...
Arabian Post

BlankGrabber cloaks theft with fake certificate

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...