Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
IEEE

Unsupervised Encoder–Decoder Network Under Spatial and Spectral Guidance for Hyperspectral and Multispectral Image Fusion

Abstract: Owing to the limitations of hyperspectral optical imaging, hyperspectral images (HSIs) have a dilemma between spectral and spatial resolutions. The hyperspectral and multispectral image (HSI ...
CSOonline

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed. PyPI is ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

On March 19, 2026, Trivy, Aqua Security’s widely used open-source vulnerability scanner, was reported to have been compromised in a sophisticated CI/CD-focused supply chain attack. Threat actors ...
GitHub

Encode and Decode Strings.java

基于我们自己定的规律, 在decode的里面不需要过多地去check error input, assume所有input都是规范的. decode就是找"#",然后用 ...
Ars Technica

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences for developers ...