SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Cloudflare’s new Dynamic Workers ditch containers to run AI agent code 100x faster

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...

Mozilla introduces cq, describing it as 'Stack Overflow for agents'

Mozilla is building cq - described by staff engineer Peter Wilson as "Stack Overflow for agents" - as an open source project ...
CNX Software

ESP-IDF v6.0 framework adds support for ESP32-C5 and ESP32-C61, preview for ESP32-H21 and ...

Espressif Systems released the ESP-IDF v6.0 framework a few days ago with stable support for ESP32-C5 and ESP32-C61 SoCs, as ...

"CanisterWorm" supply chain malware attacks npm

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...
WinBuzzer

OpenAI Acquires Python Toolmaker Astral to Boost Codex AI Agent

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
Security Boulevard

That “job brief” on Google Forms could infect your device

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

Glassworm Malware Campaign Uses Invisible Code To Infect Hundreds Of GitHub Repos

The GlassWorm malware made news when it pivoted from exclusively targeting Windows users to also targeting Mac OS users in January, and in the time since, the malware campaign has spread across at ...
Techzine Europe

GlassWorm malware surfaces in development environments

A large-scale GlassWorm malware campaign targeting developer platforms appears to be significantly more extensive and ...
Cybernews

Hundreds of code repos falling like dominoes, infected by new wave of self-replicating malware

A massive, self-replicating GlassWorm supply-chain attack has compromised hundreds of code repositories and extensions on ...
CNX Software

PycoClaw – A MicroPython-based OpenClaw implementation for ESP32 and other microcontrollers

PycoClaw is a MicroPython-based platform for running AI agents on ESP32 and other microcontrollers that brings OpenClaw ...