TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

TeamPCP has again expanded its supply chain attacks on open-source repositories by targeting Telnyx, according to security researchers. The cyber threat group recently rose to notoriety by uploading ...

APERION (formerly LangSmart), the enterprise AI governance company, today announced the launch of the SmartFlow SDK, ...

LangChain and LangGraph have patched three high-severity and critical bugs.

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...

Engineers from OLX reported that a single-line modification to dependency requirements allows developers to exclude unnecessary GPU libraries, shrinking contain ...

LangChain and LangGraph have patched three high-severity and critical bugs.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

Every conversation you have with an AI — every decision, every debugging session, every architecture debate — disappears when ...