Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

Socket and Wiz confirm widespread credential theft and worm‑like propagation, with cached malicious Trivy artifacts still ...

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

A newer DarkSword exploit leak makes hacking outdated iPhones easier, exposing hundreds of millions of devices to risk.

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability ...

AI-assisted code speeds development, but introduces vulnerabilities at an alarming rate. Waratek IAST reports flaws ...

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

Cloud attacks are getting faster and deadlier - here's your best defense plan ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

The big picture: A cybercriminal is reportedly selling a Windows zero-day exploit on the dark web for $220,000. The vulnerability, which targets Windows Remote Desktop Services, could allow an ...