The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

As "Spamalot" returns to L.A., Eric Idle is feeling sentimental about his epic career

As "Spamalot" returns to the Hollywood Pantages, Eric Idle says of absurdist comedy, "these are the sort of times when we ...
The Guardian

US military reportedly used Claude in Iran strikes despite Trump’s ban

Trump calls Anthropic a ‘Radical Left AI company run by people who have no idea what the real World is all about’ US-Israel war on Iran – latest updates Sign up for the Breaking News US email The US ...
The New York Times

Microplastics Are Everywhere. Here’s How to Avoid Eating Them.

We independently review everything we recommend. When you buy through our links, we may earn a commission. Learn more› By Katie Okamoto Katie Okamoto is an editor focusing on sustainability. She’s ...
Hosted on MSN

Rawalpindi police troll Salman Ali Agha using controversial run-out to spread safety message

A very controversial scene took place during the second ODI between the Pakistan and the Bangladesh. The scene has become a hot topic of discussion among cricket fans. The scene involving the ...