Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
The Bookseller

Bologna Children's Book Fair 2026: Agents' Hotlists

The agents’ hot tips among the runners and riders at the 2026 Bologna Children’s Book Fair The Bookseller ’s Hotlists are ...
The New York Times

U.S. and Iran Send Conflicting Signals on Peace Prospects

President Trump said talks were underway. A top Iranian official denied that, while other Iranians said messages were being traded through intermediaries. A damaged bridge on Monday after an Israeli ...