After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

The Student Community Action Network (SCAN) is a cohort of twenty students from the class of 2028 or 2029 who commit to volunteering a minimum of 50 hours with Maine non-profit organizations or local ...

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

As the FCC moves to block foreign-made routers, new research finds they have, on average, 32 flaws per device, compared to 14 ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

GPS spoofing and cyberattacks are emerging risks to oil, gas and industrial systems as Iran-linked threats and hacktivist ...