Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

ChatGPT just got a library for all your files - how it works

ChatGPT just got a library for all your files - how it works ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
WFMZ-TV

Man accused of using credit card to steal items from Poconos pool supply store arrested in New York

STROUDSBURG, Pa. – A man accused of using a credit card to steal items from a pool supply store in the Poconos last summer was arrested in New York. The Stroud Area Regional Police Department said ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...