SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack

A newer DarkSword exploit leak makes hacking outdated iPhones easier, exposing hundreds of millions of devices to risk.

iPhone exploit DarkSword has been released in the wild: How to protect yourself

DarkSword spyware has been posted in the wild. Credit: Cheng Xin/ DarkSword, the web-based hacker tool that can be used to ...
Axios on MSN

Spyware once used by governments is now spreading to cybercriminals

Cybercriminal groups are now using spyware tools once utilized mainly by spies and law enforcement to hack into iPhones, new ...

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.