Security researchers at Iru have detailed a sophisticated new threat targeting macOS users through the software supply...
npm
Cybersecurity researchers at Panther Threat Research have released a detailed exposé on a massive, coordinated npm malware...
The cybersecurity world is facing a sprawling supply chain compromise as official distribution channels for Checkmarx, a...
The global development community is on high alert following reports of a major security incident at Vercel,...
A new investigative report from Panther has identified a dangerous cluster of malicious packages lurking within the...
The 1,700-Package Blitz: North Korea’s “Contagious Interview” Infiltrates Every Major Dev Registry
Researchers at Socket have identified a massive new cluster of malicious packages linked to North Korea’s notorious...
Security researchers at StepSecurity have sounded the alarm on a compromised version of the @velora-dex/sdk package. On...
The esteemed open-source library Axios, a staple of the contemporary industry, recently fell victim to a cyber...
The Google Threat Intelligence Group (GTIG) has issued an urgent warning regarding a sophisticated software supply chain...
In a major configuration oversight, the source code for Claude Code, Anthropic’s flagship agentic CLI tool, was recently leaked...
Security researchers at StepSecurity have issued an emergency warning regarding a high-stakes supply chain attack targeting axios,...
A critical vulnerability has been uncovered in node-convict, the widely used configuration management library designed to make...
Developers using the popular binary-parser library for Node.js are being urged to update their dependencies immediately following...
Developers relying on orval to generate type-safe clients from OpenAPI specifications are being urged to update immediately...
The open-source ecosystem has once again been weaponized, this time targeting developers working with cryptocurrency libraries. In...
A new investigation by Koi Security has exposed a highly sophisticated supply chain attack lurking in the...
A new investigation by The Socket Threat Research Team has uncovered a sophisticated spear-phishing operation that has...
A high-severity vulnerability has been uncovered in systeminformation, a massively popular Node.js library used by millions of...
CERT/CC has issued a warning about a high-impact cryptographic vulnerability in the Forge JavaScript library - also...
The Socket Threat Research Team has uncovered a highly coordinated malware campaign operating across seven npm packages,...