Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
TechJuice

GlassWorm Malware Silently Infects Hundreds of Python Projects

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
TMCnet

Opal Security Declares the End of Access Sprawl - Launches Industry's First Platform to See ...

Opal Security, the modern identity security and access governance company, today announced three new AI-native capabilities ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

The Inca May Have Invented the World’s First Computer System—600 Years Ago

Scientists used the quipu’s data to build working spreadsheets, file systems, and encryption tools, rivaling conventional ...

Claude 5天重写 Python 老库引全网争议,维护者擅自更换开源协议,退网 ...

花 5 天时间借助 Claude Code 重写运营十余年的老旧代码库后,项目维护者直接将开源许可证从 LGPL 改为更宽松的 MIT。 近日,Python 经典编码检测工具 chardet 因此陷入舆论中心。 更具戏剧性的是,这个库的新版发布后,自 ...
InfoWorld

The ‘toggle-away’ efficiencies: Cutting AI costs inside the training loop

You don't need the newest GPUs to save money on AI; simple tweaks like "smoke tests" and fixing data bottlenecks can slash ...

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...