News

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
Earlier this week, the npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals ...
On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
The "largest npm compromise in history" targeting crypto wallets through JavaScript packages has netted hackers just $1,043.
GPUGate malware uses Google Ads and fake GitHub commits to steal data from IT firms since Dec 2024, bypassing sandboxes and GPU-lacking systems.
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
Ledger's CTO Charles Guillemet warned of a large-scale supply chain attack, potentially stealing crypto from common software ...
Mosyle security firm has discovered malware bypassing antivirus software on Windows, macOS, and Linux. The research firm ...