github actions

The Second Fall of Trivy: How TeamPCP Poisoned the CI/CD Supply Chain

Aqua Security's Trivy was compromised a second time on March 19, 2026, by "TeamPCP." Learn how malicious v0.69.4 and GitHub Actions were used to steal CI/CD secrets, how to detect the breach, and immediate remediation steps.

William OGOU • Mar 20, 2026 • 7 min read

ai-security

AI Coding Tools Are the New Attack Vector: How IDEs Enable Silent Data Theft

New cybersecurity research uncovers how AI coding assistants like Cursor and GitHub Copilot and CI/CD agents are being exploited for data theft and remote code execution. Learn the details behind ‘IDEsaster’ and ‘PromptPwnd,’ plus essential steps to secure your development environment.

William OGOU • Dec 13, 2025 • 7 min read

github actions

The Second Fall of Trivy: How TeamPCP Poisoned the CI/CD Supply Chain

AI Coding Tools Are the New Attack Vector: How IDEs Enable Silent Data Theft

Your Privacy Matters