SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Security Boulevard

The Trivy Supply Chain Compromise: What Happened and Playbooks to Respond

On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.

Python scales host microstructures that block bacterial biofilms—revealing potential for antimicrobial materials

Materials inspired by nature, or biomimetic materials, are nothing new. Scientists have designed water-resistant materials ...
WinBuzzer

OpenAI Acquires Python Toolmaker Astral to Boost Codex AI Agent

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it ...

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
GitHub

A minimal, secure Python interpreter written in Rust for use by AI.

Experimental - This project is still in development, and not ready for the prime time. A minimal, secure Python interpreter written in Rust for use by AI. Monty avoids the cost, latency, complexity ...
The Hollywood Reporter

‘Rehab Addict’ Canceled by HGTV After Host Nicole Curtis Uses Racial Slur During Filming

New episodes of season nine were initially set to return to the network this week. By Carly Thomas Senior Editor, Digital The network told The Hollywood Reporter in a statement on Wednesday, “HGTV was ...