GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

How Posting Iran War Info Can Get You Arrested—In UAE, Israel And More

Posting videos of strike impact sites and criticism of local government has led to arrests in a handful of countries ...

He Built the Definitive Epstein Database—and It Consumed His Life

The data engineer started as a casual reader of the Jeffrey Epstein files. Then he became obsessed, and built the most ...
Opinion

Cloudflare appeals Piracy Shield fine, hopes to kill Italy’s site-blocking law

Cloudflare hopes for EU action. Cloudflare said it met with AGCOM in 2024 to discuss Piracy Shield’s flaws and proposed different methods “that wouldn’t break the Internets ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

X finally lets you block Grok AI from modifying your photos, but the fix falls short

X’s new Grok edit blocker promises more control over your photos, but the feature only prevents AI edits triggered by tagging @Grok in replies. The post X finally lets you block Grok AI from modifying ...