All news

CI/CD

(2 articles)
Poisoned Ruby Gems and Go Modules Hit CI Pipelines

May 1, 2026

Poisoned Ruby Gems and Go Modules Hit CI Pipelines

Attackers are poisoning Ruby Gems and Go Modules to steal credentials from CI pipelines. Here's how the attack works and how to defend your build system.

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 via Trivy CI/CD Compromise

March 24, 2026

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 via Trivy CI/CD Compromise

Threat actor TeamPCP compromised LiteLLM versions 1.82.7-1.82.8 by poisoning Trivy in a CI/CD supply chain attack. Here is what developers need to know.