SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
New Scientist

Security credentials inadvertently leaked on thousands of websites

Researchers identified nearly 10,000 websites where API keys could be found, exposing details that could let attackers access sensitive information ...

OpenAI to create desktop super app, combining ChatGPT app, browser and Codex app

OpenAI will combine its web browser, ChatGPT app and Codex app into a singular desktop super app. Fidji Simo, OpenAI's CEO of Applications, will oversee the change with assistance from OpenAI ...