Dark Reading

Trivy Supply Chain Attack Targets CI/CD Secrets

A threat actor used the open source security tool to breach CI/CD workflows and steal cloud credentials, SSH keys, and other ...

Varnish Launches Artifact Firewall, Expands Orca for Kubernetes and AI Workloads

Runtime layer accelerates and governs software and AI artifacts across distributed Kubernetes environments. Artifact ...

Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...
Infosecurity Magazine

Trivy Supply Chain Attack Expands With New Compromised Docker Images

A new set of compromised Docker images linked to the Trivy supply chain attack has been identified, expanding the impact of ...

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran.