Self-propagating malware poisons open source software and wipes Iran-based machines

A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before ...

Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Cryptopolitan on MSN

Hacker targets ETH and SOL devs via typosquat npm packages

Ethereum and Solana developers were targeted by five malicious npm packages that steal private keys and send them to the ...