Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

‘Manners for machines’: how new rules could stop AI scrapers destroying the internet

Kylie sits on the Board of the Australian Digital Alliance and on the Australian Government Copyright and AI Reference Group ...
PCMag

Bright Data vs. Decodo: Which Proxy Solution Comes Out on Top?

At first glance, these two proxy services appear evenly matched, with global coverage and vast proxy pools. But a closer look ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

It’s easy to fill a platform with content if you just steal it.

The proliferation of automated podcast tools has reached a sadly inevitable outcome: WebinarTV is scraping open Zoom meeting links and turning call recordings into content for its platform without ...