Chainguard, the trusted foundation for software development and deployment, today announced Chainguard Libraries for JavaScript, a collection of trusted builds of thousands of common JavaScript ...
India’s cybersecurity agency warns of a fast-spreading npm supply chain worm, urging startups and ITes firms to secure ...
In, has issued a warning advising the country's startups and IT companies to be cautious of the Shai Hulud virus, which poses ...
A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially ...
DPRK used ClickFix to deliver compiled BeaverTail to crypto marketers; Windows build used password-protected archives, ...
North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools ...
North Korea’s Contagious Interview spreads AkdoorTea and TsunamiKit to steal crypto and infiltrate global developers.
ESET researchers reveal how malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers.
GitHub, which owns the npm registry for JavaScript packages, says it is tightening security in response to recent attacks.
Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this ...
Process improvements and a closer look at funding streams will provide far more protection for the open source software we ...
North Korean hackers target the crypto sector with BeaverTail malware, using fake job offers to steal login credentials and crypto wallets.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback