Security Boulevard

GitHub Actions Supply Chain Attack: Trivy Breach & Workflow

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
GitHub

MotionLCM: Real-time Controllable Motion Generation via Latent Consistency Model

😎 Tsinghua University, 🥳 Shanghai AI Laboratory (Correspondence: Jingbo Wang and Bo Dai). This work introduces MotionLCM, extending controllable motion generation to a real-time level. Existing ...