Supply chain attacks feel like they're becoming more and more common.

Overview NumPy and Pandas form the core of data science workflows. Matplotlib and Seaborn allow users to turn raw data into ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Overview Python is the programming language that forms the foundation of web development, data science, automation, and ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

Cybersecurity and tech firms are positioning themselves to capture the exploding market for AI “governance.” Why leading ...