Security Boulevard

TeamPCP Takes Cover by Releasing Source Code on GitHub, Spurs Copycats

The first half of this year has been marked by a series of attacks on supply chains in the npm and PyPi ecosystems—and the culprit is TeamPCP, which stepped up the attacks as the months rolled on. But ...

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
Security Boulevard

Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign

The post Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign appeared first on Tenable Blog. A self-propagating worm has compromised more than 170 npm and ...