Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
Hosted on MSN

Major compromise of the telnyx PyPI library could put millions of users at risk

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that deployed infostealer and persistence mechanisms Users advised to downgrade, ...
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...
Hackaday

Python Comes To The Arduino Uno Q

MicroPython is a well-known and easy-to-use way to program microcontrollers in Python. If you’re using an Arduino Uno Q, ...
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...
Bloomberg L.P.

API Library

Supported Releases: These releases have been certified by Bloomberg’s Enterprise Products team for use by Bloomberg customers. Experimental Releases: These releases have not yet been certified for use ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
CNN

Trump shares renderings of a towering presidential library

President Donald Trump on Monday shared renderings of what his future presidential library could look like, offering a look into how the planned Florida-based center might eventually commemorate him.