The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript ...
Recently, npm, the essential package manager used by developers worldwide, suffered a massive supply chain attack. This ...
Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.
Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...
Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...
Authorities announced taking down 106 SocGholish botnet C&C servers and domains, and cleaning up 15,000 WordPress websites.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results