Bleeping Computer

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
SecurityWeek

Alleged RedLine Malware Administrator Extradited to US

Hambardzum Minasyan of Armenia has been accused of being involved in the development and administration of the infostealer ...
Macworld

Apple urges iPhone users to update as new DarkSword hacking tool lands online

Generally, iOS can be updated in the Settings app by tapping General > Software Update. However, Apple has a separate method ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

iPhone exploit DarkSword has been released in the wild: How to protect yourself

Uh-oh. Now anyone can easily use it.

A New DarkSword Version Just Leaked Online & Millions of iPhones Are Now at Risk

The post A New DarkSword Version Just Leaked Online & Millions of iPhones Are Now at Risk appeared first on Android Headlines ...

ADB is the last line of defense for a free and open Android

As Android locks down sideloading, ADB may be the last way to stay in control. Here’s why it still defines Android’s open ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...