Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages ...
GitHub

yo16/vscode-sql-formatter-bigquery

日本語で設定できる、SQLフォーマッターです。 SQLフォーマッターとは、SQLをいつも決まったルールで整形するツールです。 これを使うことで、プロジェクト内の全メンバーが、共通の ...
GitHub

crear-tabla-precios-publicaciones.sql

CREATE INDEX IF NOT EXISTS idx_real_estate_user ON real_estate_listings(user_id); CREATE INDEX IF NOT EXISTS idx_real_estate_category ON real_estate_listings(category ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware capable of stealing sensitive CI/CD secrets.