SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.
GitHub

TikTok Live Stream Key Generator for OBS Studio Using Streamlabs API

This application is a simple tool that generates a TikTok Live Stream Key for OBS Studio using the Streamlabs API. Streamlabs TikTok LIVE access is required. Run the ...
The Droid Guy

Anthropic Bans OAuth Tokens from Consumer Plans in Third-Party Tools

Anthropic has officially banned users from extracting OAuth tokens from their Claude consumer subscriptions (Free, Pro, and Max plans) to use in third-party tools and applications. The move, which the ...
DualShockers

Where to Find and Use All Keys in Scott Pilgrim EX

Covering the video games industry since 2017, with experience in news, articles, lists, and reviews (and I blame The Legend of Zelda: Majora's Mask for that). If you are a fan of RPGs and want a third ...
GitHub

The Bunker with AI

The Bunker Bot is a program for generating scenarios for playing bunker using AI. Every game has a global catastrophic scenario, a bunker description and a danger in the bunker that players will need ...
Bleeping Computer

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...