“One of the Worst Software Releases I’ve Ever Witnessed.” Users Are Not Holding Back on FMCSA’s New MOTUS System

Two weeks ago, the Federal Motor Carrier Safety Administration flipped the switch on the biggest overhaul of its registration ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...