News

How AI and politics hampered the secure open-source software movement

In November 2021, a zero-day vulnerability in a ubiquitous piece of open-source code stunned the technology industry and set ...

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the ...
Crypto News19h

“Avoid On-Chain Transactions”: Ledger CTO Issues Urgent Warning After JavaScript Attack

A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...

TIME's Kid of the Year Is Protecting Seniors From Cybercrime

It was a near miss for the unsuspecting senior. The fact that criminals would seek to take advantage of an old man’s lack of ...
CSO Online5h

When AI nukes your database: The dark side of vibe coding

As developers lean on Copilot and GhostWriter, experts warn of insecure defaults, hallucinated dependencies, and attacks that ...

Massive Supply Chain Attack: Hackers Compromise NPM Packages with Billions of Downloads

In a shocking revelation, the largest supply chain attack in history has unfolded as hackers have injected malware into NPM packages that collectively garner over 2.6 billion weekly downloads. This ...
Crypto News8h

Crypto Firms Assess Fallout From Massive Supply Chain Security Breach

Crypto firms are racing to assess potential fallout after reports of a large-scale supply chain attack that compromised a ...
CryptoNewsZ6h

npm “debug” Attack Fails, Ledger CTO Confirms Minimal Impact

"debug" package attack failed; malicious update detected early, minimal impact. Developers urged to check their installations ...