Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.
Education Week

A Potential Breach of an Anonymous Tip App Could Have Exposed Sensitive Student Data

A K-12 school safety and student well-being solutions provider that runs a tip-reporting platform has reportedly been hit by a major cyberattack. The breach may have exposed the personal information ...
PCMag

Man Used 373,000 Sites On Dark Web To Swindle Predators, Hackers

The 35-year-old suspect in China raked in an estimated $400,000 by creating a huge network of sites that dangled illegal ...