The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Behold! The 2026 Women Leading Tech Awards Winners!Behold! The 2026 Women Leading Tech Awards Winners!

How many headlines, articles and self-indulgent LinkedIn posts have you seen lamenting the state of the tech industry in ...
InfoWorld

I ran Qwen3.5 locally instead of Claude Code. Here’s what happened.

You can now run LLMs for software development on consumer-grade PCs. But we’re still a ways off from having Claude at home.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...