Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...
Security Boulevard

Who Actually Owns This Service Account?

When an NHI is compromised, who do you call? GitGuardian NHI ownership eliminates the guessing game with automatic ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

AI-powered bot hackerbot-claw exploited GitHub Actions workflows across Microsoft, DataDog, and CNCF projects over 7 days ...
CoinDesk

Crypto code commits fall 75% as developers move to AI projects

Developers are shifting toward artificial intelligence infrastructure as blockchain ecosystems lose contributors across major networks, from Ethereum to Solana.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

AI Expansions, Cyberthreats, and Industry Shifts Define This Week in Tech

From AI expansions and cyberattacks to billion-dollar deals and workforce shifts, here’s what defined the tech industry this ...