SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Daily Tech News Show

FCC Bans Most Foreign Routers Citing National Security Risk – DTH

Anthropic Rolls Out Autonomous Research Preview for Claude Desktop App Users, Nintendo Cuts Switch 2 Q1 Production by 2 ...