Dark Reading

Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx, and the LiteLLM AI library — and all signs point ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

OpenAI pulls the plug on Sora, the viral AI video app that sparked deepfake concerns

OpenAI is shutting down its social media app Sora, which went viral last fall as a place to share short-form videos generated ...

OpenAI’s Sora was the creepiest app on your phone — now it’s shutting down

Though the underlying Sora 2 video- and audio-generation model is scarily impressive, there was not sustained interest in an ...
PCMag on MSN

That Was Fast. OpenAI to Shut Down Sora Video Generator App

Sora hasn't even been around a year. But OpenAI is ready to move on and use its compute power for more lucrative products.