The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Naples Daily News

SleepScriptMD Offers Non-Addictive Sleep Treatment Through Text-Based Care

SleepScriptMD offers board-certified physician-reviewed, non-addictive sleep prescriptions online — no office visits required — serving patients nationwide ...
Bleeping Computer

The Double-Edged Sword of Non-Human Identities

In a sweeping analysis conducted in late 2025, Flare researchers uncovered more than 10,000 Docker Hub container images leaking secrets (including production API keys, cloud tokens, CI/CD credentials, ...
iapp.org

Who holds the keys? Navigating legal and privacy governance in third-party AI API access

In today's rapidly evolving artificial intelligence environment, organizations are increasingly relying on third-party application programming interfaces from platforms like OpenAI, Google and Amazon ...
GitHub

Unofficial Twitter API In Python

This project is an unofficial Python wrapper for the Twitter API, enabling developers to easily access and retrieve data from Twitter without the need for Cookies or Proxies. Sign up for a free ...