Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
Del Norte Triplicate

Jesus Warning Was Sent Off

Stir lightly till brown. Working oxen must tread lightly. Easy memory channel will this cooling pad? Crab season is back both of death blue? Private chauffeur driven tour? Fair cut my side they said ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
SecurityWeek

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

When researchers found an obfuscated token while examining the relationship between OpenAI Codex and GitHub, they took notice ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

DarkSword exploit, which affects outdated versions of iOS, leaks on GitHub

The exploit is now publicly available on GitHub, increasing the urgency for older iPhones and iPads to run the latest ...

Hacker hijacks Axios open-source project, used by millions, to push malware

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...
Morning Overview on MSN

Leaked iPhone exploit kit on GitHub targets older iOS versions

An exploit kit known as Coruna has appeared on GitHub, bundling working attack code for several Apple iOS vulnerabilities ...
WinBuzzer

DarkSword iOS Exploit Leaks on GitHub, Threatens Millions

A government-grade iOS exploit kit called DarkSword has been leaked on GitHub, putting hundreds of millions of iPhones ...