Cryptopolitan on MSN

Mini Shai-Hulud worm hijacks 323 npm packages under 30 minutes through a single stolen account

On May 19, the Mini Shai-Hulud worm compromised one npm maintainer account and pushed 639 malicious versions across 323 ...
BankInfoSecurity

Patched OpenClaw Flaw Let Hackers Hijack AI Agents

Four chainable flaws in OpenClaw allowed attackers to move from an initial foothold to persistent system-level compromise by ...
InfoWorld

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...

Hundreds of malicious npm packages discovered in AntV ecosystem

The data visualization ecosystem AntV was targeted by a Mini Shai Hulud supply chain attack involving hundreds of malicious npm packages.

Clear your calendar, Drupal user: You have a critically urgent patch to install

If you use Drupal, get ready to patch without delay. The org behind the popular open source content management system is ...
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...
CSO Online

Contractor’s public GitHub account exposed GovCloud and CISA credentials

This kind of exposure happens with alarming frequency,’ said an expert; here’s what CSOs and CIOs should do to protect ...