Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...

Use Playerctl, Python, and Conky timer to create a 'now playing' Spotify desktop widget.

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...

Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...