SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
Dark Reading

Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx, and the LiteLLM AI library — and all signs point ...

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
Bleeping Computer

Apiiro unveils free scanner to detect malicious code merges

Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are added to software projects to curb supply chain attacks. The two ...

ClawSecure: The Only Complete Security Solution for OpenClaw Agents

While competing tools address fragments of OpenClaw security, ClawSecure is the only platform combining scanning, ...
GIGAZINE

Introducing Claude Code Security, which scans your code for vulnerabilities and suggests fixes

Anthropic has released a research preview of Claude Code Security, a security solution that scans code for vulnerabilities and uses AI to fix them. Claude Code Security is provided as a feature of ...
The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.
Forbes

Google And Police Issue QR Code Attack Warnings—What To Do

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. The simple answer, and the one most often provided in online ...