Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package ...
eWeek

Humanoid Robots Go Public: China’s Unitree Files $610M IPO Amid Surging Demand

Unitree Robotics files for a $610 million IPO after achieving rare profitability in humanoid robotics, signaling a potential ...
Windows Latest

Microsoft to upgrade Windows Subsystem for Linux (WSL) with faster file access, better networking and easier setup

Microsoft plans major WSL improvements in Windows 11 2026, with faster file performance, better networking, and easier setup ...
The Hacker News

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

AtlasCross RAT spreads via 11 fake domains registered October 27, 2025, enabling encrypted C2 control and persistence.
eWeek

AgiBot Floods Factories With 10,000 Humanoids

Hillman highlights Teradata’s interoperability with AWS, Python-in-SQL, minimal data movement, open table formats, feature ...

Karpathy shares 'LLM Knowledge Base' architecture that bypasses RAG with an evolving markdown library maintained by AI

Karpathy proposes something simpler and more loosely, messily elegant than the typical enterprise solution of a vector ...
Infosecurity Magazine

TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Anthropic goes nude, exposes Claude Code source by accident

Would you like a closer look at Claude? Someone at Anthropic has some explaining to do, as the official npm package for ...
SecurityWeek

TeamPCP Moves From OSS to AWS Environments

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in a supply chain attack. ShinyHunters leaked the data.
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...