The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
GitHub

API Integration Troubleshooting Lab

A small lab environment for reproducing and diagnosing common API integration failures such as authentication errors, malformed XML payloads, and incorrect request headers. The repository includes a ...
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...
Windows Report

Hackers Could Exploit Exposed Google API Keys to Access Gemini AI

Google is facing renewed security scrutiny after researchers revealed that publicly exposed API keys can be abused to access Gemini AI services. The issue centers on Google API keys embedded in client ...
Fox 5 San Diego

San Diego airport new program for travelers with disabilities

SAN DIEGO, Calif. (FOX 5/KUSI) — The San Diego International Airport launched a new assistance program for travelers with non-visible disabilities. SAN Assist is meant to help travelers who have ...
MassLive

‘Almost impossible to make’: Worcester brewery flips the script on non-alcoholic beer

For Greater Good Imperial Brewing in Worcester, that meant making something that no longer qualifies as a non-alcoholic beer. That’s how the brewery’s new limited-time offering, Baby Daddy IPA, came ...
buckeyeswire.usatoday

Ohio State basketball’s three keys to beat Iowa and flip Quad 1 script

Ohio State basketball tips off with the Iowa Hawkeyes tonight in Iowa City at 9 PM ET. The Buckeyes are desperate for a win as they chase their first NCAA NET Quad 1 victory of the season. Saturday’s ...
thecyberexpress

AI-Coded Moltbook Platform Exposes 1.5 Mn API Keys Through Database Misconfiguration

Viral social network “Moltbook” built entirely by artificial intelligence leaked authentication tokens, private messages and user emails through missing security controls in production environment.
Bleeping Computer

The Double-Edged Sword of Non-Human Identities

In a sweeping analysis conducted in late 2025, Flare researchers uncovered more than 10,000 Docker Hub container images leaking secrets (including production API keys, cloud tokens, CI/CD credentials, ...