India’s cybersecurity agency warns of a fast-spreading npm supply chain worm, urging startups and ITes firms to secure ...
In light of recent cyberattacks and growing security concerns, GitHub is taking immediate and direct action to secure the ...
Furthermore, GitHub announced it would deprecate legacy classic tokens, as well as time-based one-time password (TOTP) 2FA, ...
An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...
Halud, is compromising hundreds of NPM packages, spreading self-replicating malware, exfiltrating data, and turning private ...
A year after a glitch at cybersecurity company CrowdStrike triggered a global computer outage affecting millions of computers ...
"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...
The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish ...
The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, the attacker republished every "qix" package with a crypto-focused payload.