Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...
InfoQ

Java 26 Delivers Language Innovation, Library Improvements, Performance and Security

Oracle has released version 26 of the Java programming language and virtual machine. As the first non-LTS release since JDK ...

built the Epstein database

The data engineer started as a casual reader of the Jeffrey Epstein files. Then he became obsessed, and built the most ...
MUO on MSN

3 cool self-hosted projects to spin up this weekend

They are pretty easy to set up and extremely useful.
insider.si.edu

Smithsonian Open Access

Welcome to Smithsonian Open Access, where you can download, share, and reuse millions of the Smithsonian’s images—right now, without asking. With new platforms and tools, you have easier access to ...