A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into ...
The foundations said in their blog post that automated CI systems, large-scale dependency scanners, and ephemeral container ...
Two malicious packages with nearly 8,500 downloads in Rust's official crate repository scanned developers' systems to steal ...
Chrome faces its sixth zero-day attack in 2025 as Google patches critical V8 engine flaw CVE-2025-10585 discovered by Threat ...
Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after attackers injected malware into 18 popular packages that together account for ...
Process improvements and a closer look at funding streams will provide far more protection for the open source software we ...
Charles Guillemet, chief technology officer at hardware wallet maker Ledger, warned on X on Monday that a large-scale supply chain attack is underway after the compromise of a reputable developer’s ...
The JavaScript development community faced one of its most sophisticated supply chain attacks in September, when a ...
Researchers at security company Varonis have uncovered a crafty new Gmail phishing attack that not only masquerades as a PDF attachment, but automatically prompts victims to open it. The MatrixPDF ...
Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to be the world’s biggest supply-chain attack ever. “Sorry everyone, I should ...
A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.
In light of recent cyberattacks and growing security concerns, GitHub is taking immediate and direct action to secure the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback