SecurityWeek

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Infosecurity Magazine

TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...
WinBuzzer

OpenAI Acquires Python Toolmaker Astral to Boost Codex AI Agent

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it ...