Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...
CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in a supply chain attack. ShinyHunters leaked the data.
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...
After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
North Korean hackers used an updated version of a known backdoor to target a popular npm package.
The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Mac users have a new malware threat to be on the watch out for. According to a new report by Malwarebytes, Infiniti Stealer ...
LangChain and LangGraph have patched three high-severity and critical bugs.
YouTube killed my comment alerts, so I vibe-coded a fix to get them back - in just 1 hour ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results