SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
Dark Reading

Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx, and the LiteLLM AI library — and all signs point ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...
TechJuice

Hackers Compromise Developer Tools In Major Supply Chain Attack

Hackers breach Checkmarx developer tools to steal sensitive data, exposing risks in widely used software systems.
Windows Report

Visual Studio Code Update Brings End-to-End Web Debugging and AI Control

Visual Studio Code 1.112 introduces in-editor web app debugging, Copilot Autopilot mode, and improved AI workflows for ...

Build apps faster with Microsoft Visual Studio Professional 2026 for under $50

Built for focused coding sessions.

How Claude Code's new auto mode prevents AI coding disasters - without slowing you down

How Claude Code's new auto mode prevents AI coding disasters - without slowing you down ...
SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
CSO Online

Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave

Socket and Wiz confirm widespread credential theft and worm‑like propagation, with cached malicious Trivy artifacts still ...
i-SCOOP

Claude Code vs OpenCode, which one is better for AI coding

Compare Claude Code and OpenCode in depth, from model support and workflow to privacy, customization, pricing, and daily ...