SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

Tech stocks today: OpenAI shuts down Sora, Arm launches data center chip

Tech stocks rose on Wednesday following a downbeat day for the sector as the war in Iran dragged on. Investors continue to ...

Tech stocks today: Anthropic announces new Claude capability, Nvidia's Jensen Huang says AGI era is here

Tech stocks fell on Tuesday after markets rebounded on hopes of talks between the US and Iran that could ease tensions.
Televisual

RTS Programme Awards: the winners

Programme Awards, announced at a ceremony in central London last night, saw Netflix drama Adolescence from Warp Films win ...