Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.

CNCF's Dapr Agents Tackles The Problem Most AI Frameworks Ignore

CNCF launches Dapr Agents v1.0 at KubeCon EU, prioritizing crash recovery and durability over intelligence. Zeiss validates it in production.
OfficeChai

LiteLLM Attack: How a Hacked Security Tool Became a Master Key to Thousands of AI Developer Machines

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

OpenAI’s Astral deal reveals hidden funding rounds, investor windfall: AI researcher Simon Willison

Independent researcher Simon Willison raises questions about hidden Series A and B rounds, investor windfalls, and whether a ...
InfoQ

Daggr Introduced as an Open-Source Python Library for Inspectable AI Workflows

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...