SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
CNBC

Microsoft's GitHub expands beyond OpenAI, lets developers use AI models from Anthropic, Google

Microsoft's GitHub will let developers choose large language models from Anthropic and Google to power the GitHub Copilot Chat coding assistant, alongside models from OpenAI. The options came about ...