Bleeping Computer

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...

The iPhone security gap is here: Russian and Chinese hackers target out-of-date models with widely available tools

Leaked hacking tools raise concerns about the safety of iPhones running old software.

Best Antivirus Software That Won’t Slow Down Your Computer

Discover the best antivirus programs for computers that keep you protected without slowing you down. Best Antivirus Software ...
Hackaday

This Week In Security: Second Verse, Worse Than The First

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...
HealthcareInfoSecurity

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
PCMag UK

Update Your iPhone Now: 'DarkSword' Leak Puts Millions at Risk of Hacks

Have you been dragging your feet on the update to iOS 26? You might want to do it now to fend off the 'DarkSword' attack ...

Huge numbers of web stores are facing attack from this dangerous new malware

PolyShell vulnerability in Magento/Adobe Commerce mass exploited, hitting over half of vulnerable stores Attackers deploy ...
Security Boulevard

An Evolving GlassWorm Malware is Making the Rounds of Code Repositories

GlassWorm is evolving. Security researchers say the malware, which infiltrates code repositories with malicious extensions, can now deploy a RAT, is targeting MCP servers, and has a new way of moving ...
The Hacker News

GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data

GlassWorm uses Solana and Google Calendar dead drops to deliver RAT stealing browser data and crypto wallets, impacting ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...