Dark Reading

Attackers Hide Infostealer in Copyright Infringement Notices

A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to ...

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran.
SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

FBI says Iranian hackers are using Telegram to steal data in malware attacks

Hackers working for Iran’s government are using Telegram in hacking operations that use malware to target dissidents, ...

Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...
SecurityWeek

RSAC 2026 Conference Announcements Summary (Pre-Event)

A summary of the announcements made by vendors in the days leading up to the RSAC 2026 Conference. As hundreds of vendors ...
The Hacker News

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting ...
WinBuzzer

Trivy Breached Twice in a Month via GitHub Actions

Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...