The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
Cybernews

Hundreds of code repos falling like dominoes, infected by new wave of self-replicating malware

A massive, self-replicating GlassWorm supply-chain attack has compromised hundreds of code repositories and extensions on ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

This new Claude Code Review tool uses AI agents to check your pull requests for bugs - here's how

Administrators with Team and Enterprise plans can enable Code Review through Claude Code settings and a GitHub app install.

OrgFlow Launches Managed Repositories to Simplify Salesforce DevOps for All Teams

New feature removes the requirement for external Git accounts, allowing Salesforce teams to automate deployments and ...
Bitcoin Magazine

Bitcoin Advances Toward Quantum Resistance with BIP 360 and New P2MR Output

BIP 360, a proposal to make Bitcoin more resistant to future quantum computing threats, has been updated and merged into the official BIP GitHub repository. BIP 360, a proposal aimed at preparing ...
Fabbaloo

Manyfold Releases Update to Its Open Source, Federated 3D Model Repository Software

Sample entry for a 3D model in Manyfold [Source: 3Dprint.social] Manyfold issued a big release of new features for their open source, distributed 3D model repository software. You may not have heard ...
Bleeping Computer

Target's dev server offline after hackers claim to steal source code

Update, Jan 13th, 2026: Multiple Target employees have now confirmed in our follow-up report the authenticity of leaked source code sample set and shared internal announcements regarding an access ...