Articles on devtake.dev covering CanisterWorm.https://devtake.dev/en-ushttps://devtake.dev/article/canisterworm-namastex-npm-pypi-supply-chain/https://devtake.dev/article/canisterworm-namastex-npm-pypi-supply-chain/Socket flagged a self-propagating worm in @automagik/genie, pgserve, and 14 sibling Namastex Labs packages. It steals 40 credential categories and republishes itself.Tue, 28 Apr 2026 16:30:00 GMTsecuritynpmsupply-chaincanisterwormsecuritynamastexteampcppypicredential-theftluca-reinhardthttps://devtake.dev/article/trivy-supply-chain-attack-compromise/https://devtake.dev/article/trivy-supply-chain-attack-compromise/Attackers force-pushed 75 of 76 trivy-action tags to a malicious commit. Pinning by tag turned a trusted scanner into an infostealer for CI pipelines.Sat, 18 Apr 2026 08:30:00 GMTsecuritysupply-chaintrivyaqua-securitygithub-actionscicddevsecopsteampcpluca-reinhardt