PRT-scan is the second campaign in recent months where a threat actor has leveraged AI for automated targeting of a ...
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate ...
Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...
After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...
The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
The Trivy story is moving quickly, and the latest reporting makes one thing clear: this is no longer just a GitHub Actions ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results