TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

The plug-in is currently available in all the ChatGPT apps except Android and Windows. Pick Apps from the navigation pane, ...

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching ...

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

Learn how to protect Model Context Protocol (MCP) from quantum-enabled adversarial attacks using automated threat detection ...

I test-drove both. Here’s what I learned. In early March, OpenAI unleashed a one-two punch, dropping two major frontier ...