Supply chain attacks feel like they're becoming more and more common.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

The web framework IHP 1.5.0 brings a new database layer, significant performance gains, and an improved modular architecture.

Hillman highlights Teradata’s interoperability with AWS, Python-in-SQL, minimal data movement, open table formats, feature ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Excellent Webworld earns multi-category recognition from Clutch, highlighting 15+ years of client-verified excellence ...

针对流行扫描工具Trivy的供应链攻击背后的威胁行为者，被怀疑正在进行后续攻击，导致大量npm包遭到破坏，其中包含一个此前未被记录的自传播蠕虫病毒，名为CanisterWorm。

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

在企业数字化转型深化的 2026 年，开源 ERP 凭借零授权成本、高定制弹性、全链路自主可控等核心优势，成为大中小微企业的优选方案，既能覆盖财务、供应链、生产等通用场景，也能适配专业领域的个性化管理需求。本文结合行业性差异，精选 6 款主流开源 ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...