Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

The forgotten endpoint problem isn't a sophisticated supply chain attack or a novel vulnerability. It's basic blocking and ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The stolen credentials also granted access to the Google Cloud storage buckets within the tenant project in which a Vertex ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...

Gaming firms prioritise senior tech talent as AI shifts hiring toward skills-based recruitment models globally and in SA.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...