X

Vous n'êtes pas connecté

Rubriques :

Maroc Maroc - ITSECURITYNEWS.INFO - A La Une - Hier 12:03

Cache-poisoning caper turns TanStack npm packages toxic

Six-minute supply chain blitz pushed 84 malicious versions with credential theft and disk-wiping code This article has been indexed from www.theregister.com – Articles Read the original article: Cache-poisoning caper turns TanStack npm packages toxic

Articles similaires

Sorry! Image not available at this time

84 npm Packages Linked to TanStack Hit by Supply-Chain Breach

itsecuritynews.info - 06:05

A massive supply chain breach affecting 84 npm packages within the widely used TanStack ecosystem. Malicious actors compromised these packages by...

Sorry! Image not available at this time

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

bleepingcomputer.com - 11:29

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware...

Sorry! Image not available at this time

Mini Shai-Hulud Supply Chain Attack

itsecuritynews.info - 12:03

A new supply chain attack dubbed Mini Shai-Hulud has compromised more than 400 malicious versions across 170 software packages, with high-profile...

Sorry! Image not available at this time

SAP npm Supply Chain Attack Targets Developer Credentials

itsecuritynews.info - 30/Apr 19:34

A supply chain attack on SAP npm packages used preinstall scripts to steal developer and CI/CD credentials. The post SAP npm Supply Chain Attack...

Sorry! Image not available at this time

SAP npm Supply Chain Attack Targets Developer Credentials

itsecuritynews.info - 30/Apr 19:34

A supply chain attack on SAP npm packages used preinstall scripts to steal developer and CI/CD credentials. The post SAP npm Supply Chain Attack...

Sorry! Image not available at this time

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

itsecuritynews.info - 30/Apr 19:34

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious...

Sorry! Image not available at this time

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

itsecuritynews.info - 30/Apr 19:34

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious...

Sorry! Image not available at this time

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

itsecuritynews.info - 01/May 10:15

A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled...

Sorry! Image not available at this time

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

itsecuritynews.info - 01/May 10:15

A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled...

Sorry! Image not available at this time

Claude Code MCP Attack Enables Persistent Token Theft

itsecuritynews.info - 11/May 21:04

Researchers demonstrated a Claude Code attack that steals OAuth tokens through malicious MCP integrations and npm hooks. The post Claude Code MCP...

Les derniers communiqués