Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
Network World

Telnet vulnerability opens door to remote code execution as root

The flaw in a legacy Telnet implementation enables pre-auth remote code execution, exposing affected systems to full ...
SecurityWeek

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

A critical Langflow vulnerability leading to unauthenticated remote code execution has been exploited hours after public ...
CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...

Indirect Injection and Multi-Modal Attacks: Poisoning the Pipeline

Indirect prompt injection represents a more insidious threat: malicious instructions embedded in content the LLM retrieves ...