Mercor says it has been impacted by the LiteLLM supply chain attack as Lapsus$ has auctioned 4TB of data allegedly stolen ...

Mercor confirmed it was hit by a supply-chain attack targeting LiteLLM, a widely used AI developer tool. Extortion gang ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...

AI hiring startup Mercor confirmed it was "one of thousands of companies" affected by the LiteLLM supply-chain attack as the ...

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...

Analysis Shows Production-Deployable Rego Policies Would Have Prevented CMS Data Exposure, 500K-Line Source Code Leak, ...

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...

TimesSquare Capital Management, an equity investment management company, released its “U.S. Small Cap Growth Strategy” fourth ...