Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
GitHub

how-to-use-npm-package.md

The azure-maps-control npm package is a client-side library that allows you to embed the Azure Maps map control into your node.js applications using JavaScript or TypeScript. This library makes it ...
GitHub

Vulnerability [CVE-2026-24051] is getting reported for package go.opentelemetry.io/otel/sdk

Vulnerability [CVE-2026-24051] is getting reported for package go.opentelemetry.io/otel/sdk #10062 Closed sureshnikuliya1 opened 3 weeks ago ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...