The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...
"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web ...
In light of recent cyberattacks and growing security concerns, GitHub is taking immediate and direct action to secure the ...
Process improvements and a closer look at funding streams will provide far more protection for the open source software we ...
Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...
A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially ...
In response to the recent supply chain attack in the JavaScript package manager npm, GitHub has made a few changes that will ...
Chainguard, the trusted foundation for software development and deployment, today announced Chainguard Libraries for JavaScript, a collection of trusted builds of thousands of common JavaScript ...
A new self-replicating worm dubbed Shai-Hulud has compromised over 180 npm packages, stealing credentials and spreading ...