500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
Decrypt

3 Wacky Hermes Skills You Should Try

You installed Hermes. You made it look better than ChatGPT. Now you're wondering what to actually do with it. Here are some ...
Electronics360

A simple tool to build and deploy AI on microcontrollers

Semiconductor provider Nuvoton Technology has launched a graphical user interface (UI) tool designed specifically for machine ...

Glice Installs 100m² Synthetic Ice Rink at 2026 IIHF World Championship Fribourg Fan Zone

Siss eco-ice manufacturer Glice hosts fans at the Official Fan Zone in Place Georges-Python until May 31stFRIBOURG, ...
Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...

Terry Jones statue damaged by vandals less than a month after being unveiled

The celebratory sculpture of Monty Python star, Terry Jones in Colwyn Bay has been damaged by vandals with the door knockers ...

Glice AG: Glice Installs 100m² Synthetic Ice Rink at 2026 IIHF World Championship Fribourg Fan Zone

Siss eco-ice manufacturer Glice hosts fans at the Official Fan Zone in Place Georges-Python until May 31stFRIBOURG, ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...
SecurityWeek

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.