Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
Bleeping Computer

Critical Windows Netlogon RCE flaw now exploited in attacks

The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...
Hackaday

Security Hacks

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities range ...
Hackaday

This Week in Security

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities range ...
SecurityWeek

Supply Chain Attack Hits 32 Red Hat NPM Packages

Hackers published 96 malicious package versions, injected with a credential-stealing worm similar to Mini Shai-Hulud. On Monday, hackers hit Red Hat’s NPM repository in a new supply chain attack, ...
GitHub

yinggaozhen/awesome-go-cn

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...