CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.
The New York Times

Book Review

Book publishing has few safeguards in place to prevent the unwitting publication of a novel heavily generated by artificial intelligence. By Alexandra Alter Ten recommendations for fans of Ann M.
CNET

An Electrician's Warning: Never Plug These Devices into Extension Cords

Corin Cesaric-Epple is a Flex Editor at CNET. She received her bachelor's degree in journalism from the University of Missouri-Columbia. Before joining CNET, she covered crime at People Magazine and ...