The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

Langraph Deploy CLI lets developers create, test, and deploy AI agents from the terminal, with templates and langraph deploy ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide persistence and lateral spread.

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

Artificial intelligence is rapidly transforming how organizations operate, analyze data, and develop new products. For ...

Anika Marathe, Mihir Bapat, Sathwik Kintada, Aditya Katre and Indraneel Adem were announced as finalists in the competition ...

Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate rapid incident response and secret remediation.

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude (Opus 4.5) and a third-party asset management platform. The idea is simple: ...

YourStory presents the daily news roundup from the Indian startup ecosystem and beyond. Here's the roundup for Wednesday, March 25, 2026.

What Happened? Shares of software supply chain platform JFrog (NASDAQ:FROG) jumped 9% in the afternoon session after UBS upgraded the stock from neutral to buy, and set a $60 price target. Analysts ...

LiteLLM, a widely used AI developer tool, was hit by a supply chain attack through a malicious PyPI release. The malware stole credentials, spread across systems, and crashed machines. The incident ...