The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave
Socket and Wiz confirm widespread credential theft and worm‑like propagation, with cached malicious Trivy artifacts still ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results