Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
Dark Reading

Critical OpenClaw Vulnerability Exposes AI Agent Risks

A newly disclosed — and now patched — vulnerability in the fastest-growing AI agent tool in the developer ecosystem underscores the expanding risks organizations face from deploying AI in their ...
The Record

After years of government cyber trouble, UK turns to automated scanning to speed fixes

The British government said Thursday it has slashed the time required to fix some of the most serious cyber vulnerabilities across the public sector, pointing to a new automated monitoring service as ...
VentureBeat

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic pointed its most advanced AI model, Claude Opus 4.6, at production open-source codebases and found a plethora of security holes: more than 500 high-severity vulnerabilities that had survived ...
Morningstar

Anthropic’s Claude Code Security Release Is Not Bad News for Cyber Stocks

On Feb. 20, Anthropic released a vulnerability-scanning tool aimed at security applications, leading to an average drawdown of over 5% across our cybersecurity stock coverage as investors worry that ...
The Hacker News

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user's software codebase for vulnerabilities and suggest patches. The ...
blockchain

Anthropic's Claude Launches Code Security Tool for Vulnerability Scanning

According to @StockMKTNewz, Anthropic has introduced Claude Code Security, a new tool currently in limited research preview. This tool is designed to scan codebases for vulnerabilities and provide ...
blockchain

Anthropic Launches Claude Code Security Preview: AI Vulnerability Scanning and Patch Suggestions Explained

According to @claudeai on X, Anthropic introduced Claude Code Security in a limited research preview that scans codebases for vulnerabilities and proposes targeted software patches for human review, ...
TechRepublic

Microsoft Patches Windows Flaw Causing VPN Disruptions

Microsoft has patched a vulnerability in the Windows Remote Access Connection Manager (RasMan) service that was being exploited to trigger denial-of-service (DoS) conditions on unpatched systems. If ...