Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...
If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...
The Raspberry Pi 5 is several times faster than previous models of the compact and cheap computer. For less than a couple hundred bucks, you can have a computer that can do many tasks that previously ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results