Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

Aqua Security’s Trivy vulnerability scanner compromise is trickling down ...

Nucleus Security, the leader in unified vulnerability and exposure management, today announced that for the second year in a row, it had been selected as the Best Vulnerability Management Solution in ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

The Trivy supply chain compromise gave attackers a way to deliver malicious infostealer code. Learn how it happened and ...

ProjectDiscovery, winner of the 2025 RSAC Innovation Sandbox, today announced the commercial launch of Neo, an advanced security testing platform that autonomously performs end-to-end penetration ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Shares of cybersecurity companies slid after Anthropic accidentally leaked a blog post that suggested an unreleased Claude model has much-improved cyber capabilities. Palo Alto Networks fell 7.5%.

Hackers breach Checkmarx developer tools to steal sensitive data, exposing risks in widely used software systems.

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...