All posts tagged "supply chain attack"
-
Security / 2 months ago
Checkmarx GitHub Actions Compromised by TeamPCP Hackers
A threat actor known as TeamPCP has compromised two GitHub Actions workflows maintained by the software supply chain security firm Checkmarx....
-
Security / 2 months ago
Malicious npm Packages Steal Crypto Wallets in ‘Ghost’ Campaign
Cybersecurity researchers have identified a new set of malicious software packages within the widely used npm registry, designed to steal cryptocurrency...
-
Security / 2 months ago
Malicious Backdoor Found in Popular Python Package LiteLLM
A widely used Python library for managing large language model APIs has been compromised, with two of its versions containing a...
-
Security / 2 months ago
Malicious Trivy Docker Images Spread Infostealer, Worm
Cybersecurity researchers have identified a series of malicious container images distributed on Docker Hub, stemming from a recent supply chain attack...
-
Security / 2 months ago
Supply Chain Attack Spreads Worm Through npm Packages
A significant software supply chain attack has compromised dozens of popular npm packages, deploying a self-propagating worm. Security researchers report that...
-
Security / 2 months ago
Trivy GitHub Actions Compromised, Secrets Stolen in Supply Chain Attack
The GitHub Actions for Trivy, a widely used open-source security scanner, were compromised for the second time in a month, leading...
-
Security / 2 months ago
GlassWorm Attack Uses VSX Registry to Target Developers
Cybersecurity researchers have identified a significant evolution in the GlassWorm supply-chain attack, which now abuses the Open VSX registry to compromise...
-
Security / 2 months ago
Malicious Rust Crates Target Developer Secrets via CI/CD
Cybersecurity researchers have identified a coordinated campaign involving five malicious software packages, or “crates,” in the Rust programming language ecosystem. These...
-
Security / 2 months ago
Supply Chain Attack via nx npm Package Leads to AWS Breach
A threat actor identified as UNC6426 used credentials stolen during a software supply chain attack to gain administrative control over a...
-
Security / 2 months ago
Malicious npm Package Poses as AI Tool to Deploy macOS RAT
Cybersecurity researchers have identified a malicious package on the npm software registry that impersonates an installer for an artificial intelligence tool...

