Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

March 21, 2026

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing malware

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

March 21, 2026

Ravie LakshmananMar 21, 2026Cyber Espionage / Threat Intelligence Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

March 21, 2026

Ravie LakshmananMar 21, 2026Vulnerability / Threat Intelligence Oracle has released security updates to address a critical security flaw impacting Identity

Malicious Script Injection in Trivy Compromise Enables Credential Theft

March 21, 2026

Malicious Script Injection in Trivy Compromise A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

March 21, 2026

Ravie LakshmananMar 21, 2026Malware / Threat Intelligence The threat actors behind the supply chain attack targeting the popular Trivy scanner

FBI, CISA Warn Russian Hackers Are Targeting High-Value Individuals Through Signal

March 21, 2026

FBI, CISA Warn Russian Hackers The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have

Chrome Security Update Fixes 26 Vulnerabilities Allowing Remote Code Execution

March 20, 2026

Google has released a substantial security update for its Chrome web browser, addressing 26 distinct vulnerabilities that could allow unauthenticated

FBI links Signal phishing attacks to Russian intelligence services

March 20, 2026

The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted

Oracle pushes emergency fix for critical Identity Manager RCE flaw

March 20, 2026

Update: Added that Oracle declined to comment on whether the vulnerability has been exploited. Oracle has released an out-of-band security

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

March 20, 2026

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a

Anthropic Launches Projects Feature for Claude Cowork Desktop

March 20, 2026

Anthropic is expanding Claude Cowork Desktop with a new Projects feature designed to keep files, instructions, and task context organized

Windows 11 March Update Breaks Microsoft Teams and OneDrive Sign-Ins

March 20, 2026

Windows 11 March Update Breaks Teams Microsoft has acknowledged a significant bug introduced by its March 2026 cumulative update that

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.