Supply chain attacks feel like they're becoming more and more common.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

TeamPCP strikes again, with almost identical code to LiteLLM.

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

Anthropic’s Claude Code leak reveals how modern AI agents really work, from memory design to orchestration, and why the ...

Cybersecurity and tech firms are positioning themselves to capture the exploding market for AI “governance.” Why leading ...