The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

Supply chain attacks feel like they're becoming more and more common.

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects ...

Oracle’s Java 26 advances AI readiness, security, and performance while maintaining enterprise stability, reflecting a ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker ...

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing infections.

Learn how to protect Model Context Protocol (MCP) from quantum-enabled adversarial attacks using automated threat detection and post-quantum security.

GlassWorm uses Solana and Google Calendar dead drops to deliver RAT stealing browser data and crypto wallets, impacting ...

On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...

This guide is all about how to find and make the most of fintech internships, so you can get a foot in the door and build a ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...