North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
IBM and Red Hat launch Lightwell to defend open-source code from AI attacks ...
A newly-disclosed exploit in Claude Code’s ‘auto-mode’ leaves developers facing remote code execution (RCE) vulnerabilities ...
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could ...
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...
Socket found a compromised Injective npm package stealing wallet keys amid rising crypto supply chain attacks.
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Cybersecurity researchers at ESET identify big rise in suspicious and malicious toolsets which put users at risk from ...
Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node ...
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results