‘If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says. Attackers have compromised the widely used open-source ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global provider of AI-powered cybersecurity, today announced the immediate release of a free security tool, who-touched-my-packages (wtmp) ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences for developers ...

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

State and local government IT teams face a constant flood of vulnerability alerts. With tens of thousands of new common vulnerabilities and exposures (CVEs) published every year, security teams must ...

A vulnerability-discovery tool built by Anthropic has identified a serious flaw in FreeBSD’s Network File System, a component ...

Reading challenges. Poor communication skills. Emotional immaturity. The number of children in kindergarten across Canada entering school with at least one developmental vulnerability has risen since ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...