Mercor confirmed it was hit by a supply-chain attack targeting LiteLLM, a widely used AI developer tool. Extortion gang ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

Mercor says it has been impacted by the LiteLLM supply chain attack as Lapsus$ has auctioned 4TB of data allegedly stolen ...

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

Suspected North Korean hackers are believed to be behind an ongoing compromise of the widely used open-source package Axios, ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

Analysis Shows Production-Deployable Rego Policies Would Have Prevented CMS Data Exposure, 500K-Line Source Code Leak, ...

On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...

TimesSquare Capital Management, an equity investment management company, released its “U.S. Small Cap Growth Strategy” fourth ...