SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

DarkSword iOS exploit chain adopted by multiple threat actors: Report

Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain ...
federalnewsnetwork.com

Lawmakers seek to penalize DoD if it fails to pass a clean audit

The Defense Department has never passed a full audit since launching its first independent financial review in 2017. Now a new bill seeks to impose penalties if the Pentagon fails to achieve a clean ...
Forbes

From Writing Code To Directing Agents: The Inversion Of Developer Value In The Age Of AI

Most companies are still operating under a software development mental model that no longer holds. For many, one-week sprints are considered “fast.” Story points, velocity and agile ceremonies ...