The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

ColorOS 16 March Update Adds Virus Scan, Multiple Timers, and Smart Tweaks

OPPO’s ColorOS 16 update adds a built-in virus scan, multiple timers, and new usability tweaks. Here’s what’s new, supported ...

Best Antivirus Software That Won’t Slow Down Your Computer

Discover the best antivirus programs for computers that keep you protected without slowing you down. Best Antivirus Software ...

Can You Leave An External Hard Drive Plugged In All The Time?

Leaving an external hard drive plugged in all the time carries some risk, but unplugging it constantly might actually be a ...

What is antivirus software and do you still need it in 2026?

What is antivirus software and do you still need it in 2026?
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Dark Reading

Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx, and the LiteLLM AI library — and all signs point ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

My 5-step security checklist for every new Windows PC

My 5-step security checklist for every new Windows PC ...

Scammers are targeting drivers with fake toll and ticket threats

Scammers try to trick drivers into thinking they face a court date and more trouble if they don't pay up for so-called ...
Hackaday

This Week In Security: Second Verse, Worse Than The First

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...