Skip to main content

Tag: trivy

4 articles

Developer workstation with code on screen in a clean, minimalist environment.

Checkmarx Breach Exposes GitHub Repository Data on Dark Web

Checkmarx revealed that a security breach, linked to a March 23 supply chain attack, exposed sensitive GitHub repository data, which has now surfaced on the dark web. The incident has been contained, with no customer data compromised, as the affected repository was separate from Checkmarx's customer production environment.

Analyst 207
Mercor Hit in Widespread LiteLLM Supply-Chain Attack

Mercor Hit in Widespread LiteLLM Supply-Chain Attack

Thousands of companies, including AI hiring startup Mercor, have been hit by a widespread LiteLLM supply-chain attack, marking the first publicly disclosed downstream casualty of a software supply-chain intrusion. This incident raises a critical question: how can organizations trust their tech toolchains when the chain itself can be compromised?

Analyst 207
Cisco Hit by Alarming Code Heist After Trivy Breach

Cisco Hit by Alarming Code Heist After Trivy Breach

A shocking code heist has hit Cisco, with hackers making off with sensitive source code after infiltrating the company's internal development environment through a Trivy supply-chain attack. This brazen breach raises urgent questions about the hidden vulnerabilities lurking in today's interconnected development ecosystems.

Analyst 207
Malicious PyPI Packages Spread Devastating Malware

Malicious PyPI Packages Spread Devastating Malware

Malicious actors have struck again, this time infiltrating the Python Package Index (PyPI) with tainted versions of popular packages Telnyx and LiteLLM, putting developers' sensitive credentials at risk. Can we trust the software supply chain when even seemingly secure systems can be breached?

Analyst 207