pull down to refresh

Multiple redhat-cloud-services npm Packages compromised - StepSecuritywww.stepsecurity.io/blog/multiple-redhat-cloud-services-npm-packages-compromised
776 sats \ 1 comment \ @winteryeti 2 Jun tech
related
Supply Chain Attack in litellm 1.82.8 on PyPIfuturesearch.ai/blog/litellm-pypi-supply-chain-attack/
373 sats \ 0 comments \ @Scoresby 24 Mar devs
Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectorsthehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html
547 sats \ 0 comments \ @doofus 29 Feb 2024 security
The end of "trust me bro" - confidential computing for everyone
787 sats \ 1 comment \ @aljaz 5 Feb tech
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaignthehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html
1134 sats \ 5 comments \ @Scoresby 23 Apr tech devs
CISA left a GitHub repo open with passwords, keys, tokenswww.theregister.com/security/2026/05/19/americas-top-cyber-defense-agency-left-a-github-repo-open-with-with-passwords-keys-tokens-and-incredibly-obvious-filenames/5242915
626 sats \ 3 comments \ @0xbitcoiner 19 May lol
GitHub suffers a cascading supply chain attack compromising CI/CD secretswww.infoworld.com/article/3849245/github-suffers-a-cascading-supply-chain-attack-compromising-ci-cd-secrets.html
389 sats \ 2 comments \ @ch0k1 21 Mar 2025 security
400+ AUR Packages Compromised with Infostealer and Rootkitdiscourse.ifin.network/t/400-aur-packages-compromised-with-infostealer-and-rootkit/577
288 sats \ 4 comments \ @k00b 12 Jun security tech
3 Must Know Tools for Top DevOps Engineers
796 sats \ 0 comments \ @BytePhysics 10 Jan 2024 devs
Claude Code's GitHub Actions Vulnerability Lets Attackers Compromise Any Repocybersecuritynews.com/claude-codes-github-actions-vulnerability/amp/
202 sats \ 1 comment \ @ch0k1 3 Jun security
🚨 CRITICAL: supply chain attack on axios
1626 sats \ 8 comments \ @justin_shocknet 31 Mar devs
OpenAI's macOS app-signing was exposed to Axios supply chain attackopenai.com/index/axios-developer-tool-compromise/
783 sats \ 1 comment \ @k00b 12 Apr AI
Compromised npm package silently installs OpenClaw on developer machineswww.csoonline.com/article/4135449/compromised-npm-package-silently-installs-openclaw-on-developer-machines.html
422 sats \ 4 comments \ @winteryeti 24 Feb AI
Claude, Gemini CLI & Copilot Vulnerable to Prompt Injection via GitHub Commentscybersecuritynews.com/prompt-injection-via-github-comments/
398 sats \ 0 comments \ @Tony 21 Apr security AI
We Just Found Malicious Code in the Popular NPM Packagejdstaerk.substack.com/p/we-just-found-malicious-code-in-the
1497 sats \ 18 comments \ @kristapsk 8 Sep 2025 security
The Orchard Counterfeiting Vulnerability - zookox.com/zooko/status/2062644925590900980
1523 sats \ 35 comments \ @Scoresby 5 Jun news bitcoin
Tinycolor npm Package Compromised in (another) Supply Chain Attacksocket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
1053 sats \ 3 comments \ @aljaz 16 Sep 2025 security
LiteLLM infected with credential-stealing code via Trivywww.theregister.com/2026/03/24/trivy_compromise_litellm/
503 sats \ 3 comments \ @0xbitcoiner 25 Mar AI
'Sha1-Hulud' npm malware is back
377 sats \ 0 comments \ @anon 28 Nov 2025 lightning
NPM debug and chalk packages compromisedwww.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
263 sats \ 0 comments \ @hn 8 Sep 2025 tech
The GitHub Actions Worm: Compromise GitHub Repos Through the Actions Dep Treewww.paloaltonetworks.com/blog/prisma-cloud/github-actions-worm-dependencies/
3820 sats \ 5 comments \ @k00b 17 Sep 2023 tech
CISA reports persistent FIRESTARTER backdoor in federal networksecurityaffairs.com/191241/hacking/cisa-reports-persistent-firestarter-backdoor-on-cisco-asa-device-in-federal-network.html
312 sats \ 0 comments \ @winteryeti 26 Apr tech