Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...
The Hacker News

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting ...
Dark Reading

Trivy Supply Chain Attack Targets CI/CD Secrets

A threat actor used the open source security tool to breach CI/CD workflows and steal cloud credentials, SSH keys, and other ...
Infosecurity Magazine

Trivy Supply Chain Attack Expands With New Compromised Docker Images

A new set of compromised Docker images linked to the Trivy supply chain attack has been identified, expanding the impact of ...
SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...

Over 29 million secrets were leaked on GitHub in 2025, and AI really isn't helping

This is according to GitGuardian’s latest report, the “State of Secrets Sprawl” paper that was just released. In the research ...

The Cloud Native Stack Finally Gets a Governance Layer: Meshery v1.0 Launches at KubeCon EU

General availability of Meshery v1.0 arrives as AI-generated infrastructure configurations accelerate faster than human ...
Cyber Defense Magazine

AI Is Writing Your Code. But Who Is Securing It?

AI coding assistants have unleashed new superpowers for developers, with the likes of GitHub Copilot, Cursor’s AI code editor ...

SpecterOps adds Okta, GitHub and Mac coverage to BloodHound Enterprise platform

BloodHound Enterprise platform to cover Okta Inc., GitHub and Mac environments and introduced new OpenGraph extensions to map ...

Linux Foundation Announces $12.5 Million in Grant Funding from Leading Organizations to Advance Open Source Security

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced $12.5 million in total grants from Anthropic, AWS, GitHub, Google, Google DeepMind, ...

GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub

GitGuardian, the security leader behind GitHub's most installed application, today released the 5th edition of its “ State of ...