CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.
Business Wire

GitLab Enables Broader and More Affordable Access to Agentic AI Across the Software Lifecycle

GitLab Inc., the intelligent orchestration platform for DevSecOps, today released GitLab 18.10, making it easier and more ...

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...