Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.
Would you like a closer look at Claude? Someone at Anthropic has some explaining to do, as the official npm package for ...
After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
Threats actors pounced on the vulnerability within hours of its disclosure, demonstrating that organizations have little time ...
Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results