SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
PCGamesN

Azure Latch codes April 2026

April 1, 2026: We added a new Azure Latch code to our list, offering free rewards. We checked our existing codes, too, which you can still get a bunch of coins and emotes from. What are the new Azure ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Visual Studio Magazine

Microsoft Ships Production-Ready Agent Framework 1.0 for .NET and Python

Microsoft has released version 1.0 of its open-source Agent Framework, positioning it as the production-ready evolution of the project introduced in October 2025 by combining Semantic Kernel ...
The New York Times

Meta Delays Rollout of New A.I. Model After Performance Concerns

The tech giant pushed back the timeline after spending billions to be on the cutting edge of artificial intelligence. By Eli Tan Reporting from San Francisco Mark Zuckerberg, the chief executive of ...