The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Two teenage boys who used artificial intelligence to create fake nude photos of their classmates have been put on probation.
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...