GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...
A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.
The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based ...
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...
GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...
A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...
The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...
Microsoft flagged a Mistral AI hack as a supply-chain attack that hid malware in a fake AI library on PyPI. Here's what ...
Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results