AI adoption in healthcare and life sciences is accelerating at a rapid pace, driving advancements in clinical research, ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Three LangChain flaws enable data theft across LLM apps, affecting millions of deployments, exposing secrets and files.

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

Excellent Webworld earns multi-category recognition from Clutch, highlighting 15+ years of client-verified excellence ...

如果AI开发者和企业大量依赖PyPI等开源包，而基础设施安全又仅仅寄托在「上游没有被黑」这种虚幻的假设上，类似危险的重演，可能只是时间问题。 LiteLLM只是一个开始，谁也无法回答那个最让人不安的问题： ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

Popular Python package LiteLLM compromised in supply chain attack Malicious updates (v1.82.7, v1.82.8) deployed TeamPCP Cloud Stealer infostealer Attack harvested cloud credentials, Kubernetes secrets ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

An attack on the open-source library for connecting to LLMs has apparently occurred, allowing two compromised packages to ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...