Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
SecurityWeek

CrewAI Vulnerabilities Expose Devices to Hacking

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...
Hip-Hop Wired

'GTA 6' Python Code & More Leak On The Web

HHW Gaming: ‘GTA V’ Source Code, ‘GTA 6’ Python Code, ‘Bully 2’ Files The Latest Stolen Data To Leak From Rockstar Games Hack The leaks of GTA V's source code are concerning because they could lead to ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Threat Post

Supply-Chain Hack Breaches 35 Companies, Including PayPal, Microsoft, Apple

Ethical hacker Alex Birsan developed a way to inject malicious code into open-source developer tools to exploit dependencies in organizations internal applications. An ethical hacker has demonstrated ...