The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Supply chain attacks feel like they're becoming more and more common.

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching ...

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Python libraries for cybersecurity help automate threat detection, network monitoring, and vulnerability analysis. Tools like Scapy, Nmap, and Requests enable penetration testing and network security ...

Anthropic launches Claude Code Review, a new feature that uses AI agents to catch coding mistakes and flag risky changes before software ships.