A threat actor used the open source security tool to breach CI/CD workflows and steal cloud credentials, SSH keys, and other ...
The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...
Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
The open-source supply chain hack represents “meaningful industry-wide risk”, according to an industry expert.
Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.
Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...
The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...
How do you secure AI coding assistants in real software teams? This practical guide covers least privilege, secrets handling, approvals, sandboxing, and rollout controls.
The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain ...
GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results