The threat actor TeamPCP, previously linked to supply chain attacks on Python packages like Trivy, KICS, and litellm, has now targeted the Telnyx Python package, publishing...
Cybersecurity researchers have identified a significant escalation in the ongoing Trivy supply chain attack, with threat actors deploying a self-spreading malware dubbed CanisterWorm across at least...
A recent supply chain attack targeting EmEditor, a popular Windows text and code editor, has resulted in the distribution of infostealer malware to users who downloaded...
Notepad++, the widely used free source code editor, has released a critical update to address a security flaw in its software updater that could allow attackers...
A previously unidentified APT hacking group named ‘Carderbee’ was observed attacking organizations in Hong Kong and other regions in Asia, using legitimate software to infect targets’...
Serde, a popular Rust (de)serialization project, has decided to ship its serde_derive macro as a precompiled binary. The move has generated a fair amount of pushback among developers who worry...
A critical design flaw in the Google Cloud Build service discovered by cloud security firm Orca Security can let attackers escalate privileges, providing them with almost...
The X_Trader software supply chain attack that led to last month’s 3CX breach has also impacted at least several critical infrastructure organizations in the United States...