SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Cloudflare’s new Dynamic Workers ditch containers to run AI agent code 100x faster

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Visual Studio Magazine

Getting My OpenClaw Around VS Code

A hands-on test found that OpenClaw can work with VS Code for file-based drafting and source-driven synthesis, but the current experience is still centered on a local gateway and workspace model rathe ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
eWeek

Nvidia Brands Data Centers as $1 Trillion Token Mills

Nvidia is turning data centers into trillion-dollar "token factories," while Copilot and RRAS remind us that security locks ...
Seeking Alpha

Figma teams up with Anthropic to convert AI code into designs

In a move to stay ahead of the widespread investor concerns of artificial intelligence applications displacing creative design software, Figma (FIG) has partnered with Anthropic (ANTHRO), a leading AI ...
CNBC

Figma partners with Anthropic to turn AI-generated code into editable designs

Figma and Anthropic are partnering on AI coding tools that integrate Claude Code. Software stocks have sold off as AI tools threaten to upend the industry. Figma reports earnings Wednesday. The stock ...
Infosecurity-magazine.com

VVS Stealer Uses Advanced Obfuscation to Target Discord Users

A Python-based malware family known as VVS stealer has been observed using advanced obfuscation and stealth techniques to target Discord users and extract sensitive ...
The Hill

White House defends Trump remarks, says he does not want members of Congress executed

White House press secretary Karoline Leavitt told reporters Thursday that President Trump does not want to execute members of Congress who urged the military not to follow unlawful orders, but that he ...