Cyber Reports Cybersecurity News & Information

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

SAN FRANCISCO — GitHub has launched a new set of security upgrades for npm designed to reduce software supply chain...

Cryptocurrency5 months ago

Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist

A sophisticated software supply chain attack known as Shai-Hulud has been identified as the root cause of a major cryptocurrency theft that drained approximately $8.5 million...
AI & Machine Learning6 months ago

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Researchers have uncovered more than 30 security vulnerabilities across a wide range of AI-powered coding tools and IDE extensions, exposing developers to risks including data exfiltration,...
Cybersecurity7 months ago

Shai-Hulud v2 Spreads From npm to Maven, as Campaign Exposes Thousands of Secrets

The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket...