Who is TeamPCP, the rising hacker group targeting open-source software and AI tools?

TeamPCP is an increasingly notorious group of cybercriminals that carry out software supply chain attacks, where hundreds of open-source tools are corrupted and victims extorted for profit.

AI is making everyone web app builders - but leaving teams exposed

The need for a smarter layer between detection and remediation; Beyond the hype: The critical role of security in responsible AI development; ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
InfoWorld

The role of MCP in context engineering

There’s no denying the excitement around Model Context Protocol (MCP), an open protocol for connecting AI assistants with external data, tools, and APIs. Since its debut by Anthropic in late 2024, ...
Internet of People

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

The malware spread through npm, PyPI, and Rust packages in coordinated waves. It steals crypto wallets, SSH keys, and cloud developer credentials. AI coding tools were also targeted through malicious ...