SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Trust But Verify ⭐️

Microsoft has promised to fix Windows. But there's also a lot left unsaid, and it's there, in the shadows, where the truth ...
TidBITS

DarkSword Exploit Threatens iPhones Still Running iOS 18

Security researchers have discovered DarkSword, a sophisticated exploit chain targeting iOS 18.4 through 18.7.2. Unlike past spyware aimed at high-profile targets, DarkSword is being surreptitiously ...

Spotify seeks $300M from Anna’s Archive, which ignores all court proceedings

Spotify and major record labels are seeking a $322 million default judgment from Anna’s Archive, which hasn’t responded to ...