"CanisterWorm" supply chain malware attacks npm

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...
Cyber Daily

Code security platform Trivy compromised by malicious packages

Unidentified threat actors have successfully compromised the GitHub repository for “all-in-one” security scanner Trivy, ...