New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
GitHub

UCSD Bamboo Artifactory Plugin

A compatibility fork of the JFrog Bamboo Artifactory Plugin, fully updated for Bamboo Data Center 12.1 (LTS) on Java 21. The upstream JFrog plugin was abandoned in 2024 and is incompatible with Bamboo ...
GitHub

xinference-pypi-teampcp-april-2026.md

description The xinference PyPI package was compromised in three versions (2.6.0–2.6.2) with a two-stage base64-decoded Python payload. JFrog identified a '# hacked by teampcp' attribution marker in ...
Ars Technica

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...
blockonomi

TrapDoor Malware Campaign Infiltrates Developer Supply Chains to Target Crypto and AI Projects

Cybersecurity company Socket identified a sophisticated malware operation dubbed “TrapDoor” that distributed 34 compromised packages throughout npm, PyPI, and Crates development platforms The ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
The Hacker News

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal ...
The Hacker News

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and ...
Morningstar

ADEX Publishes Analysis of XCSSET Malware: Research Details How Active Infection Spreads Silently Through Xcode Projects, GitHub Repositories, and Developer Credentials

LIMASSOL, Cyprus, May 19, 2026 /PRNewswire/ -- The ADEX security team has released a detailed technical case study documenting a live XCSSET infection detected, captured, and analyzed within a client ...