LiteLLM is the latest victim of TeamPCP’s open-source attack spree. Malicious versions 1.82.7 and 1.82.8 abuse Python’s .pth mechanism for stealthy persistence. The malware exfiltrates cloud credentials, CI/CD secrets, and keys to attacker-controlled domains.
Checkmarx KICS scanner is the latest victim of a credential-stealing supply chain attack by TeamPCP. Between 12:58–16:50 UTC on March 23, 35 tags were hijacked. Learn how to audit your workflows, identify malicious activity, and secure your GitHub Actions.
On March 19, 2026, threat actors injected credential-stealing malware into Aqua Security’s Trivy scanner and related GitHub Actions. Learn how "TeamPCP" executed this breach and how to audit your environment.
This post will look at the past 20 years of cloud security research, separating the two decades into eras with important milestones defined that resulted in the change of one era to the next.
How Wiz Research automates detection of emerging malicious Azure app and consent phishing campaigns.
1 exposed database. 35,000 emails. 1.5M API keys. And 17,000 humans behind the not-so-autonomous AI network.
Wiz Research teamed up with Irregular, a frontier AI security lab, to settle this once and for all.
Moving beyond simple checklists to visualize, map, and block attacks on production SDLC infrastructure.
Are agentic browsers the new Flash? A 2025 review of new attacks, vendor security layers, and a roadmap for navigating AI browser risks.
Wiz Research discovered a critical supply chain vulnerability that abused a CodeBuild misconfiguration to take over key AWS GitHub repositories - including the JavaScript SDK powering the AWS Console.
Learn what you can do today to prepare for Q-Day
Wiz Research reveals the data behind Shai-Hulud's 2.0 long tail, the massive gap in cloud credential rotation, a potential link to the Trust Wallet incident, and how we finally "snipped the tail" on a month of ongoing infections.
