In Project Glasswing, announced Tuesday, the company is giving a select group of major tech and financial firms access to ...

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

On March 19, 2026, Trivy, Aqua Security’s widely used open-source vulnerability scanner, was reported to have been compromised in a sophisticated CI/CD-focused supply chain attack. Threat actors ...

Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected ...

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences for developers ...

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month. OpenAI is rolling out a new AI-powered software vulnerability scanner that the ...