A massive supply chain attack has hit the popular npm package Axios. Versions 1.14.1 and 0.30.4 deploy a stealthy Remote Access Trojan (RAT) via a fake dependency. Learn how to detect and remediate this critical threat.
TeamPCP strikes again. The popular Python package litellm (versions 1.82.7 and 1.82.8) was compromised on PyPI, deploying a credential harvester and Kubernetes backdoor.
Aqua Security's Trivy was compromised a second time on March 19, 2026, by "TeamPCP." Learn how malicious v0.69.4 and GitHub Actions were used to steal CI/CD secrets, how to detect the breach, and immediate remediation steps.
Google has officially closed its acquisition of Wiz. Learn what this merger means for multi-cloud security, AI-driven threat detection, and platform support.
The AI security landscape is shifting rapidly. Discover Promptfoo, the LLM red-teaming and evaluation platform recently acquired by OpenAI, and how it fits into your AI security stack.
Docker goes beyond the base image with the release of Docker Hardened System Packages. Discover how 8,000+ secure, SLSA Level 3 certified packages for Alpine (and soon Debian) will eliminate vulnerabilities from your custom container builds.
Discover how Kali Linux integrates with Claude via the Model Context Protocol (MCP) to automate offensive security tasks using natural language prompts.