Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...
Forbes

Password Hack Warning As New Threat Jumps From Your Laptop To Phone

Update, July 22, 2025: This story, originally published on July 20, has been updated with an expert counterpoint to the idea that it’s the delivery mechanism being what’s important in the latest ...