TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CI/CD scans
Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks
A supply chain attack on Notepad++ update process was linked to compromised hosting infrastructure
Government-run train operator LNER has revealed details of a supplier data breach
The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks
Researchers warn that popular open source software package tj-actions has been compromised
Chinese hackers appear to have compromised Treasury machines via a trusted third party
npm package @lottiefiles/lottie-player hacked with malicious code, draining crypto wallets via web3 pop-ups
Windows and Mac versions of the software were compromised to deliver infostealers
Study highlights threat detection challenge for many organizations