The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
CNET

Here's How To Use Your iPhone's Hidden Document Scanner -- Just in Time for Tax Season

To send or locally save the document, tap Share button at the top (the square-and-arrow icon) to send it via Messages or apps ...

How to Scan Paper Documents into Apple Notes on iPhone & iPad

Apple Notes lets iPhone and iPad users scan documents from the attachments button, then crop, filter, and save the pages in a ...
Dark Reading

Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx, and the LiteLLM AI library — and all signs point ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

Best Antivirus Software That Won’t Slow Down Your Computer

Discover the best antivirus programs for computers that keep you protected without slowing you down. Best Antivirus Software ...
CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...
Computer Weekly

EU Parliament rejects Chat Control message scanning

The European Parliament has voted against proposals that would allow social media and tech companies to continue to scan the content of private messages of EU citizens for illegal content. A majority ...

Could SpaceX file for IPO as soon as this week?

Yahoo Finance Senior Reporter Brooke DiPalma speaks with Yahoo Finance Senior Autos Reporter Pras Subramanian about Elon Musk ...
Dark Reading

Trivy Supply Chain Attack Targets CI/CD Secrets

A threat actor used the open source security tool to breach CI/CD workflows and steal cloud credentials, SSH keys, and other ...
Infosecurity Magazine

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Cisco debuts new AI agent security features, open-source DefenseClaw tool

Cisco announced the product updates alongside a new open-source project. DefenseClaw, as it’s called, is designed to make AI ...