The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

New Torg Grabber infostealer malware targets 728 crypto wallets

A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Infosecurity Magazine

TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...
CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

Manager of botnet used in ransomware attacks gets 2 years in prison

A Russian national has been sentenced to two years in prison after admitting that the phishing botnet he managed was used to ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
Detroit Free Press

Niobium Expands Leadership Team with Key Hires in Product and Finance as It Builds Toward an Encrypted Cloud Platform

Niobium adds accomplished veterans from Groq and Celestial AI as it advances a vision for cloud computing where data never needs to be decrypted. DAYTON, OH, UNITED ...
The Hacker News

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that ...