TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects ...

Cloudflare’s new Dynamic Workers ditch containers to run AI agent code 100x faster

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.

YouTube killed my comment alerts, so I vibe-coded a fix to get them back - in just 1 hour

YouTube killed my comment alerts, so I vibe-coded a fix to get them back - in just 1 hour ...

Traefik Becomes the De Facto Standard for Kubernetes Networking as Major Platform Vendors Migrate from Ingress NGINX

IBM Cloud, Nutanix, OVHcloud, SUSE, TIBCO, and others standardize on Traefik Proxy, the only open source drop-in replacement for ingress NGINX with over 90% annotation coverage, as the ...

What is DeerFlow 2.0 and what should enterprises know about this new, powerful local AI agent orchestrator?

The primary condition for use is the technical readiness of an organization’s hardware and sandbox environment.
The Hacker News

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting ...
diginomica

Kubernetes puts ingress nginx to rest at KubeCon - 'Nobody can keep it safe'

Kubernetes formally archived one of its most widely deployed components on day one of KubeCon Europe 2026. Steering committee ...

How LangSmith Sandboxes Isolate Untrusted Code for AI Agent Workflows

LangSmith Deployments can create, use, and delete LangSmith Sandboxes automatically, including rendering pages and capturing ...
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

Mozilla introduces cq, describing it as 'Stack Overflow for agents'

Mozilla is building cq - described by staff engineer Peter Wilson as "Stack Overflow for agents" - as an open source project ...

Top LLM PyPl package compromised to steal user details

Aqua Security’s Trivy vulnerability scanner compromise is trickling down ...