Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

Supply chain attacks feel like they're becoming more and more common.

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege escalation, raising concerns about the future of browser data security.

An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser.

On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...