The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
GitHub

Vigolium - High-fidelity vulnerability scanner fusing agentic AI with native speed ...

Vigolium provides two complementary scanning modes: A cloud-based solution for teams that want the power of Vigolium without managing infrastructure. Console is the upgraded, fully-featured version of ...
GitHub

Secret Scanning Review Action

This Action adds more awareness, and optionally fails a pull request status check, when a secret scanning alert is introduced in commits, pull request title, description, comments, reviews, or review ...