When Aqua Security disclosed the Trivy compromise on March 19, most teams treated it as a contained incident. Rotate the secrets, pin to a safe commit, move on.
Everyone noticed when Axios got backdoored on March 31st.
We spent three years panicking about GPU availability.
Twelve months ago, if you asked an ML platform team what kept them up at night, the answer was GPU availability.
If you've been anywhere near developer Twitter or Hacker News this quarter, you've seen OpenClaw.
#From One Stolen Token to 50 Compromised Packages: Anatomy of the TeamPCP Supply Chain Attack It started with a pull_request_target misconfiguration in a...