SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
GitHub

krishnamk00/Top-10-OpenSource-News-Weekly

Integrate security into CI/CD with the Trivy scanner Progress Announces New Components to Improve Developer Productivity 'Now' would be the right time to patch Ubuntu container hosts and ditch 21.04 ...