Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

YouTube killed my comment alerts, so I vibe-coded a fix to get them back - in just 1 hour ...

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

Mac users have a new malware threat to be on the watch out for. According to a new report by Malwarebytes, Infiniti Stealer ...

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw! - DerekPascarella/DreamMovie-UNLOCKED ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects ...