All posts tagged "supply chain attack"
- Security / 2 weeks ago
  Trivy GitHub Actions Compromised, Secrets Stolen in Supply Chain Attack
  The GitHub Actions for Trivy, a widely used open-source security scanner, were compromised for the second time in a month, leading...
- Security / 3 weeks ago
  GlassWorm Attack Uses VSX Registry to Target Developers
  Cybersecurity researchers have identified a significant evolution in the GlassWorm supply-chain attack, which now abuses the Open VSX registry to compromise...
- Security / 4 weeks ago
  Malicious Rust Crates Target Developer Secrets via CI/CD
  Cybersecurity researchers have identified a coordinated campaign involving five malicious software packages, or “crates,” in the Rust programming language ecosystem. These...
- Security / 4 weeks ago
  Supply Chain Attack via nx npm Package Leads to AWS Breach
  A threat actor identified as UNC6426 used credentials stolen during a software supply chain attack to gain administrative control over a...
- Security / 4 weeks ago
  Malicious npm Package Poses as AI Tool to Deploy macOS RAT
  Cybersecurity researchers have identified a malicious package on the npm software registry that impersonates an installer for an artificial intelligence tool...
- Security / 1 month ago
  North Korean Hackers Deploy Malicious npm Packages in Global Campaign
  Cybersecurity researchers have identified a new phase of a persistent cyber espionage campaign, attributed to North Korean state-sponsored actors, involving the...
- Security / 1 month ago
  Malicious NuGet Package Impersonates Stripe Library to Steal Tokens
  Cybersecurity researchers have disclosed a new malicious software package found on the NuGet Gallery, a major repository for .NET developers. The...
- Security / 1 month ago
  Microsoft Warns of Fake Next.js Job Repos Spreading Malware
  Microsoft has issued a warning to software developers about a coordinated campaign using fake job listings and counterfeit code repositories to...
- Security / 1 month ago
  Malicious NuGet Packages Target ASP.NET Developers, Steal Data
  Cybersecurity researchers have identified a new campaign involving four malicious packages on the NuGet repository, a key software library for .NET...
- Security / 1 month ago
  Malicious npm Packages Steal Crypto Keys and API Tokens
  Cybersecurity researchers have identified an ongoing software supply chain attack targeting developers through the npm registry. The campaign, active as of...

