X

Vous n'êtes pas connecté

Rubriques :

Maroc Maroc - ITSECURITYNEWS.INFO - A La Une - 24/Mar 11:11

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack. The workflows, both maintained by the supply…

Articles similaires

Sorry! Image not available at this time

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

bleepingcomputer.com - 21/Mar 17:30

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing...

Sorry! Image not available at this time

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

bleepingcomputer.com - 21/Mar 17:30

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing...

Sorry! Image not available at this time

44 Aqua Security repositories defaced after Trivy supply chain breach

securityaffairs.co - 23/Mar 14:24

Malicious Trivy images on Docker Hub spread infostealer malware, exposing developers after a supply chain attack. Researchers found malicious Trivy...

Sorry! Image not available at this time

44 Aqua Security repositories defaced after Trivy supply chain breach

securityaffairs.co - 23/Mar 14:24

Malicious Trivy images on Docker Hub spread infostealer malware, exposing developers after a supply chain attack. Researchers found malicious Trivy...

Sorry! Image not available at this time

Malicious LiteLLM versions linked to TeamPCP supply chain attack

securityaffairs.co - 25/Mar 08:50

TeamPCP backdoored LiteLLM v1.82.7–1.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent...

Sorry! Image not available at this time

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

itsecuritynews.info - 25/Mar 01:34

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks...

Sorry! Image not available at this time

1K+ cloud environments infected following Trivy supply chain attack

itsecuritynews.info - 24/Mar 20:41

Crims ‘creating a snowball effect’ across open source projects RSAC 2026  Thousands of organizations’ cloud environments have been infected...

Sorry! Image not available at this time

Malicious Script Injection in Trivy Compromise Enables Credential Theft

itsecuritynews.info - 21/Mar 10:34

A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised continuous integration and...

Sorry! Image not available at this time

Malicious Script Injection in Trivy Compromise Enables Credential Theft

itsecuritynews.info - 21/Mar 10:34

A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised continuous integration and...

Sorry! Image not available at this time

Hackers Compromise Trivy Scanner to Inject malicious Scripts and Steal Login Credentials

itsecuritynews.info - 21/Mar 17:32

A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised continuous integration and...

Les derniers communiqués