The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
Cloud Security Alliance

API Security in the AI Era

Application Programming Interfaces have been the connective tissue of modern IT environments for decades, but the way they're being used is undergoing a fundamental shift. Once primarily a ...
TheServerSide

Hello World in Python vs Java

Community driven content discussing all aspects of software development from DevOps to design patterns. A simple application that prints nothing more than the words Hello World is the seminal start to ...
Wired

Microsoft Cuts Off Access to Bing Search Data as It Shifts Focus to Chatbots

Microsoft quietly announced earlier this week that it plans to shut down a long-standing tool supplying search engine startups and other software developers with a raw feed of Bing search results. The ...