Two malicious versions of the popular SDK were uploaded to the PyPI registry, targeting Windows, macOS, and Linux.

The post Telnyx Targeted in Growing TeamPCP Supply Chain Attack appeared first on SecurityWeek.

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

The post From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI appeared first on SecurityWeek.