GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static ...

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx, and the LiteLLM AI library — and all signs point ...

Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

The Trivy supply chain compromise gave attackers a way to deliver malicious infostealer code. Learn how it happened and ...

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...

GitHub is adding AI-powered security detections to its Code Security offering, aiming to catch more vulnerabilities across a ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

A threat actor used the open source security tool to breach CI/CD workflows and steal cloud credentials, SSH keys, and other ...

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...