Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
HealthcareInfoSecurity

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
Hackaday

This Week In Security: Second Verse, Worse Than The First

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
MUO on MSN

Your spare laptop is about to become the cheapest NAS alternative you'll find

Your old laptop is about to outwork that overpriced NAS box ...

Tech stocks today: Big Tech stocks sell off, Anthropic considers IPO as soon as Q4

Tech stocks continued to be pressured on Friday after a sell-off in social media stocks and chip stocks sent the tech-heavy ...

Tech stocks today: Meta, Google face legal reckoning, OpenAI narrows its focus

Tech stocks sank on Thursday amid uncertainty over US-Iran talks and as a landmark trial verdict opened social media ...
PCMag

Decodo vs. IPRoyal: Which Proxy Provider Takes the Lead?

It's a close matchup on paper, but key differences in pricing, proxy scale, and transparency ultimately separate these two ...
PCMag

Bright Data vs. Decodo: Which Proxy Solution Comes Out on Top?

At first glance, these two proxy services appear evenly matched, with global coverage and vast proxy pools. But a closer look ...
The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...
InfoWorld

Speed boost your Python programs with new lazy imports

No more waiting on slow-loading modules or wasting time on ad hoc workarounds: Python 3.15’s new ‘lazy imports’ mechanism has ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.