A new supply chain attack dubbed Mini Shai-Hulud has compromised more than 400 malicious versions across 170 software packages, with high-profile...

TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems. This...

The software developer has identified the impacted systems, removed potentially compromised files, and validated installation packages. The post...

A large-scale npm supply chain attack has compromised multiple widely used packages within the @antv ecosystem, to investigate what appears to be an...

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the...

A malicious version of the plugin was published to the Jenkins Marketplace late last week. The post Checkmarx Jenkins AST Plugin Compromised in Supply...

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware...

4 posts were published in the last hour 7:2 : Compromised GitHub Action Steals Workflow Credentials 7:2 : Popular GitHub Action Tags Redirected to...

OpenAI disclosed that two employee devices were compromised following a supply chain attack on TanStack, a widely used JavaScript library framework....

Victims span across the aviation, critical infrastructure, energy, logistics, public administration, and technology sectors. The post Over 500...