InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
TMCnet

Opal Security Declares the End of Access Sprawl - Launches Industry's First Platform to See, Encode, and Enforce Governance with AI

Opal Security, the modern identity security and access governance company, today announced three new AI-native capabilities ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...
Security Boulevard

Which Came First: The System Prompt, or the RCE?

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is racing to fix trust in AI-built software - here's how ...

Anvilogic Launches Agentic Workflow Automation for AI SOC

Anvilogic launches Blueprints workflow automation for AI SOC at RSA 2026.

Semgrep Launches Multimodal, Combining AI Reasoning With Rule-Based Analysis for Detection, Triage, and Remediation

Semgrep, a leading code security company, today announced Semgrep Multimodal, a system that combines AI reasoning with rule-based analysis for detection, triage, and remediation.

Panther rolls out AI SOC Platform with agents that learn and improve over time

Security monitoring platform company Panther Labs Inc. today announced the general availability of its complete AI SOC Platform, a new security operations service where artificial intelligence agents ...
Computer Weekly

Panther AI SOC platform ‘closes loop’ on security Ops

Panther Labs (hereafter just Panther) describes itself as a complete AI security operations centre (SOC) platform that is ...