Advertisement
TeamPCP Supply Chain Campaign: Cisco Source Code Stolen, UNC6780 Activity
Analysis of the TeamPCP supply chain campaign, including the theft of Cisco source code and over 1,000 compromised SaaS environments tracked by Google GTIG as UNC6780.
Cisco Source Code Stolen: Trivy Supply Chain Attack Leads to Breach
Threat actors breached Cisco's dev environment using credentials from a Trivy supply chain attack, stealing proprietary and customer source code. Learn the impact and
Trivy Supply Chain Attack Targets CI/CD Secrets in DevOps Workflows
A supply chain attack leveraged the Trivy security tool to deploy an infostealer within CI/CD pipelines, compromising cloud credentials and sensitive secrets.
Trivy Supply Chain Attack: Malicious Docker Hub Images Identified
Attackers hijacked Trivy Docker Hub images (v0.69.4-0.69.6) to distribute infostealers and Kubernetes wipers. Learn how to detect and remediate this threat.
Trivy Supply Chain Attack Spreads CanisterWorm via 47 npm Packages
Attackers compromise 47 npm packages using CanisterWorm, a self-propagating threat leveraging ICP canisters following a major Trivy supply chain attack.