The hacker group TeamPCP uploaded two malicious versions of the popular Python library LiteLLM to PyPI. Using a previously compromised version of the vulnerability scanner Trivy, the attackers stole ...

GitHub has confirmed that hackers breached internal repositories through a poisoned VS Code extension after stolen source ...

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension, ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...

GitHub is investigating a cyberattack linked to a malicious VS Code extension after hackers allegedly accessed thousands of ...

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...

GitHub is investigating an alleged breach after TeamPCP claimed access to nearly 4,000 private repositories, though no impact ...

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

The software supply chain is the new ground zero for enterprise cyber risk. Don't get caught short - SiliconANGLE ...

The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...