Git isn't hard to learn, and when you combine Git and GitHub, you've just made the learning process significantly easier. This two-hour Git and GitHub video tutorial shows you how to get started with ...
CERT-EU has attributed a major data breach at the European Commission to cybercrime group TeamPCP, which exploited a supply chain attack on the open-source security tool Trivy to steal 92 GB of ...
Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Erik Steiger discusses the operational pain ...
The European Union’s Computer Emergency Response Team, CERT-EU, has traced last week’s theft of data from the Europa.eu platform to the recent supply chain attack on Aqua Security’s Trivy open-source ...
Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave
Socket and Wiz confirm widespread credential theft and worm‑like propagation, with cached malicious Trivy artifacts still circulating across mirror infrastructure despite takedowns. What started as a ...
RSAC 2026 Thousands of organizations' cloud environments have been infected with secret-stealing malware as a result of the Trivy supply-chain attack last week, and now the crims that compromised the ...
Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected ...
On March 24, the campaign moved to Pypi. The Litellm packages in versions 1.82.7 and 1.82.8 have been poisoned with the same infostealer malware as the one used in the original campaign, and later on ...
On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...
The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company’s GitHub organization to tamper with dozens of ...
Aqua Security revealed on March 21 that attackers hijacked 75 of 76 GitHub Actions tags for its Trivy vulnerability scanner, distributing credential-stealing malware through the widely used security ...
A threat actor is systematically targeting cloud credentials, SSH keys, authentication tokens, and other sensitive secrets stored in automated enterprise software build and deployment pipelines after ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results