supply chain attack

News

Cisco source code stolen in Trivy-linked dev environment breach

Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack t...
News

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
News

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deli...
News

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python pa...
News

Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker ima...
News

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distri...
News

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repo...
News

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-ch...
News

New PhantomRaven NPM attack wave steals developer data via 88 packages

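A new wave of attacks from the "PhantomRaven" supply-chain campaign is hitting the npm registry. The campaign was first discovered in October 2025 by researchers at cybersecurity company Koi, has been running since August, and the npm plat...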
News

The biggest cybersecurity and cyberattack stories of 2025

2025 was a big year for cybersecurity, with major cyberattacks, data breaches, threat groups reaching new notoriety leve...