Two different attackers poisoned popular open source tools - and showed us the future of ...

Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...
eWeek

Samsung Hits Send on Goodbye to Messages

Samsung is sunsetting its own chat app while Apple adds end-to-end encryption to its already-live RCS, hinting that the final texting firewall might soon drop. Meanwhile, Cloudflare drafts a ...
IEEE

Detecting Malicious Packages in PyPI and NPM by Clustering Installation Scripts

Abstract: Software repositories such as PyPI and npm are vital for software development but expose users to serious security risks from malicious packages. The malicious packages often execute their ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...
Infosecurity Magazine

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

硅谷恐怖故事!9700 万下载的 AI 神库遭「投毒」,黑客的 Bug 拯救了 ...

Datadog 安全团队还原了完整攻击链。3 月 19 日 Trivy 沦陷,20 日 npm 66 个包被感染,23 日 KICS 35 个标签被劫持,24 日 LiteLLM 中招。 攻击者还用 LiteLLM CEO Krrish ...

连Karpathy都怕了!9千万级AI包被投毒,竟靠黑客写出bug救命

【新智元导读】一次只持续了不到1小时的投毒事件,撕开了AI基础设施「信任链」的致命裂缝。更魔幻的是,全行业逃过一劫,居然靠黑客自己写出bug。 刚刚,科技界经历了一场惊心动魄的「供应链投毒」危机。 3月24日上午,一个普通的版本更新LiteLLM 1.82.8,出现在PyPI上。 全球数百万开发者的终端,每天都在自动拉取这类更新,没有人注意到这个版本里藏着一段精心设计的恶意代码: 只要你执行一句p ...
搜狐

紧急警告:LiteLLM PyPI 包被植入恶意代码,请停止更新

紧急警告:你的 pip install 正全盘失守! 大神 Karpathy 亲自跳了出来,给这件事定了个性:Software Horror。 LiteLLM,月下载量 9700 万的 Python 库,被黑客组织 TeamPCP 植入了恶意代码。 只要你执行了 pip install litellm,你机器上的 SSH 密钥、AWS/GCP/Azure 凭证、Kubernetes 配置 ...

Tesla's former VP Andrej Karpathy shares AI coding 'horror', 'Python supply chain attack ...

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software horror\"—and the details are ge.
CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.