The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

OpenAI unveiled Codex Security on Friday, an advanced application security tool that detects complex software vulnerabilities. Available in research preview to ChatGPT Enterprise, Business, and Edu ...

Cybersecurity stocks fell for a second day in a row after Anthropic unveiled Claude Code Security on Friday. CrowdStrike's CEO pushed back on the disruption fears in a LinkedIn post over the weekend.

Cyberthreat intelligence provider VulnCheck Inc. today announced that it had raised $25 million in new funding to scale growth and expand its intelligence capabilities. Founded in 2021, Vulncheck ...

Users could be tricked into running arbitrary code, but the issue was patched last week. February 17, 2026 Add as a preferred source on Google Add as a preferred source on Google Microsoft patched a ...

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT administrators. The warning comes after Google released a patch for Chrome to ...

The U.S. federal government is rethinking how to support its globally adopted vulnerability tracking ecosystem after years of backlogs, funding scares and growing doubts about whether the existing ...

New York, 27 January 2026 — United Nations Secretary-General António Guterres has appointed 15 leading experts to the Independent Expert Advisory Panel for the Multidimensional Vulnerability Index ...