News

Self-propagating worm fuels latest npm supply chain compromise

In a similar style to the Nx attack, the payload then publishes a new repo via the victim's GitHub account, dropping stolen ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

The malicious JavaScript code ("bundle.js") injected into each of the trojanized package is designed to download and run ...

Amazon bolsters AI agent push with new executive hires, according to internal memos

Amazon is strengthening its AI agent strategy with two new executive hires, enhancing AWS's developer tools and ...

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...