After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

The Lapsus$ extortion group has claimed the theft of 3GB of data from AstraZeneca, including internal code repositories and ...

YouTube killed my comment alerts, so I vibe-coded a fix to get them back - in just 1 hour ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and enabling remote control.

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects ...

Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a study finds.

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, worm-like malware across dozens of packages, security firms say. Named CanisterWorm ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

Your old laptop is about to outwork that overpriced NAS box ...

Learn how to protect Model Context Protocol (MCP) from quantum-enabled adversarial attacks using automated threat detection and post-quantum security.