Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

Anduril, Palantir developing Golden Dome missile shield's software, source says

March 24 (Reuters) - Anduril and Palantir Technologies are working together to develop software for U.S. President Donald Trump's Golden Dome antimissile shield initiative, a source familiar with the ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker ...
University News & Events

UC Santa Cruz trio takes third at 2026 Mistral AI hackathon with cybersecurity platform

A team of UC Santa Cruz students and an alumnus earned third place at the 2026 Mistral AI Worldwide Hackathon in San ...