Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...
Virtualization Review

Running AI Natively on Windows 11 Using an eGPU

Tom Fenton reports running Ollama on a Windows 11 laptop with an older eGPU (NVIDIA Quadro P2200) connected via Thunderbolt dramatically outperforms both CPU-only native Windows and VM-based ...
The Hacker News

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques. "The ...
GitHub

nanobot: Ultra-Lightweight Personal AI Agent

🐈 nanobot is an ultra-lightweight personal AI agent inspired by OpenClaw. ⚡️ Delivers core agent functionality with 99% fewer lines of code. 📏 Real-time line count: run bash core_agent_lines.sh to ...