Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.

'Each vulnerability exposes a different class of enterprise data': LangChain framework hit by several worrying security issues — here's what we know

LangChain helps developers build apps using large language models (LLM), by connecting AI models to various data sources and ...
Security Info Watch

Opal Security Launches AI-Native Platform for Unified Access Governance

Opal Security unveils an AI-native platform designed to automate and unify access governance as organizations grapple with ...

Claude attacks were 'Rorschach test' for infosec community, scaring former NSA boss

RSAC 2026 The now-infamous Anthropic report about Chinese cyberspies abusing Claude AI to automate cyberattacks was a ...
SecurityWeek

RSAC 2026 Conference Announcements Summary (Pre-Event)

As hundreds of vendors descend on San Francisco for the RSAC 2026 Conference, the sheer volume of news can be overwhelming.
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

Addressing India’s Top Cloud Challenge—Praveen Ravula’s Method

Working as a software development engineer for AWS Security at Amazon, Praveen Ravula, the 2025 Developer of the Year awardee ...

Patch now! Malicious code attacks on AI tool Langflow observed

A critical security vulnerability in Langflow allows attackers to push and execute malicious code on PCs. A security patch is ...