GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...
Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...
La Caisse de dépôt et placement du Québec and Fidelity Investments Canada are backing a $300-million funding round by ...
A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. The malware targets 86 environment variables (key-value pairs) and ...
Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...
Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
10th June 2026: We added new Genshin Impact codes. Like a lot of free-to-play games, Genshin Impact has an in-game currency called Primogems that you'll find yourself quickly spending on Wish Items ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results