News

InfoWorld5d

Wave of npm supply chain attacks exposes thousands of enterprise developer credentials

Attacks on the NX build system and React packages highlight escalating threats to enterprise software development pipelines.
Hackaday5d

This Week In Security: DEF CON Nonsense, Vibepwned, And 0-days

DEF CON happened just a few weeks ago, and it’s time to cover some of the interesting talks. This year there were two talks ...
Infosecurity Magazine5d

Npm Package Hijacked to Steal Data and Crypto via AI-Powered Malware

A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants ...
Infosecurity Magazine6d

Malicious VS Code Extensions Exploit Name Reuse Loophole

Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages ...