Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

The security defects allow unauthenticated users to take control of the open source software supply chain. A systemic class of exploitable CI/CD vulnerabilities in the open source software supply ...