The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Supply chain attacks feel like they're becoming more and more common.

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Generative AI with .NET from SDKs and streaming to tools and agents: an overview of OpenAI, Azure, and the new Microsoft ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

New global members join CNCF reflecting the rise of enterprise demand for scalable, cost-efficient cloud native technologiesAMSTERDAM, March 25, 2026 ...

ShellGPT makes the terminal user-friendly, saving time by generating commands, automating scripts, and guiding me through tasks.