CI/CD
Breaking
Technology
Longest-Running Supply Chain Poisoning Campaign Hits GitHub, 3,800 Repos Stolen
TeamPCP's self-replicating worm compromised seven waves of open-source infrastructure in nine weeks, evading every CVE scanner and provenance system in production.
AI
Technology
Google Patches CVSS 10.0 Flaw in Gemini CLI That Turned AI Developer Tool Into RCE Vector
A critical vulnerability in Google's AI command-line interface allowed attackers to execute arbitrary code through compromised GitHub Actions workflows, exposing systemic security gaps as enterprises rush AI tooling into production pipelines.