Bleeping Computer

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

I found 7 open source apps so good I'd actually pay for them

But it has hidden layers I want visibility into, especially as awareness of tracking and data collection increases. Likewise, ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Oregonian

12 projects that could transform development along the Willamette River

The sold-out Reimagine the River conference, held Wednesday at The Redd on Salmon Street in Portland, brought together civic, tribal, nonprofit and business leaders to discuss the region’s connection ...
World Bank

Environmental and Social Policies

When we provide governments with financing to invest in projects — such as building a road, connecting people to electricity, or treating waste water — we aim to ensure that the people and the ...