World’s Largest Supply Chain Cyber Attack… And just 5 Cents Stolen?
You probably saw the headlines: the world’s largest npm supply chain attack, chalk and debug-js packages with BILLIONS of downloads...
Free and open-source digital audio manipulation project Audacity has recently issued an updated privacy notice leaving many Audacity users concerned....
This week Google has open-sourced its Fully Homomorphic Encryption (FHE) toolkit on GitHub. The toolkit includes open-source libraries enabling developers...
On April 1st, software testing firm Codecov became aware of a security incident. The company learned that for over two...
In 2015, strange 9000.0.x versions of PrismJS appeared on npm downloads, and nobody had a clue where they came from,...
The Git project has released patches for a severe remote code execution (RCE) vulnerability, CVE-2021-21300. The flaw can be exploited...
Developers have fixed a critical vulnerability in the WooCommerce Upload Files plugin. WooCommerce is an open-source e-commerce platform used by...
A gray hat hacker has published over 7,000 dependency confusion packages to npm and PyPI repositories and continues to do...
This week, the source code of CMA, a software provider relied on by leading central banks across nations and stock...
A new family of Discord malware has been spotted by Sonatype this week. Known as CursedGrabber, multiple strands of this...