CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.

Nvidia unveils Vera, an 88-core Arm CPU for AI and analytics racks

Unlike Nvidia's earlier Grace processors, which were primarily sold as companions to GPUs, Vera is positioned as a ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Qihoo 360 accidentally exposed a private SSL key, putting its platform at risk

Qihoo 360 recently shipped its 360 Security Claw AI assistant, a tool designed to rein in the viral AI agent OpenClaw. However, the installer contained a ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...