InfoQ

TanStack Details Sophisticated npm Supply Chain Attack That Compromised 42 Packages

TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...
SDxCentral

NS1 Adds Security Capabilities, Takes on ‘DNS Cache Poisoning’ Attacks

NS1, a domain name system (DNS) and traffic management provider, is taking on “DNS cache poisoning” attacks with new DNS Security Extensions (DNSSEC) capabilities built into its platform. DNS ...

TanStack weighs invitation-only pull requests after supply chain attack

Shai-Hulud worm exploited GitHub Actions misconfiguration to poison shared cache, now project weighing nuclear option on ...