The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
eWeek

9 Quadruped Robots You Can Actually Buy in 2026

Four-legged robots that scramble up stairs, stride over rubble, and stream inspection data — no preorder, no lab coat ...
Tech Critter

NVIDIA @ GDC 2026: DLSS 4.5 DMFG launches on March 31; Multiple games getting path tracing; New RTX Mega Geometry Foliage System; And more

NVIDIA's latest open event was GDC 2026, and they brought forward several pieces of news for both GeForce-related gaming ...
Lablab.ai

Deriv AI Talent Sprint: Bridging the Gap Between AI Innovation and FinTech Excellence

Explore the highlights of the Deriv AI Talent Sprint, where 2,557 participants built 167 AI-powered solutions for trading, ...

GitHub Copilot will train on your data by default, here’s how to stop it

GitHub Copilot will train on your data by default soon. Here’s what changes, what data is used, and how to opt out.

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static ...

GitHub Copilot will use your data for AI training by default, but you can opt out

GitHub describes this training data as inputs, outputs, code snippets, and associated context, but the fine print goes into ...

OpenAI upgrades Codex to automate your workflows - and compete better with Claude Code

Codex's new plugins push it beyond coding and position it to challenge Claude Code's growing lead among developers.