Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
CoinDeskOpinion

How DeFi is quietly rebuilding the fixed-income stack for institutional capital

In traditional finance, fixed-income instruments are rarely held in isolation. They are repo’d, pledged, rehypothecated, ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...