Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that ...
Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This ...
Attackers have been targeting hotels and other hospitality organizations with a phishing campaign that uses malicious zip files purporting to include guest photos, with the aim of installing malware ...
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, developer, and AI credentials. A critical flaw in SimpleHelp, remote-access ...
The Miasma malware campaign has claimed another victim, poisoning more than 20 versions of legitimate npm packages used by the Leo Platform and RStreams ecosystems as its operators continue refining ...
Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based code analysis systems into overlooking malicious payloads. Threat actors ...
Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
On April 29, 2026, someone slipped malicious code into four widely used SAP software packages. Within days, the infection had spread to at least 169 packages across the npm registry, the world’s ...
一些您可能无法访问的结果已被隐去。
显示无法访问的结果