packages
- New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain
  Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to…
- New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries
  In what’s a new kind of software supply chain attack aimed at open source projects, it has emerged that threat…
- Malicious PyPI Packages Using Compiled Python Code to Bypass Detection
  Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep…
- How Wazuh Improves IT Hygiene for Cyber Security Resilience
  IT hygiene is a security best practice that ensures that digital assets in an organization’s environment are secure and running…
- PyPI Implements Mandatory Two-Factor Authentication for Project Owners
  The Python Package Index (PyPI) announced last week that every account that maintains a project on the official third-party software…
- GUAC 0.1 Beta: Google’s Breakthrough Framework for Secure Software Supply Chains
  Google on Wednesday announced the 0.1 Beta version of GUAC (short for Graph for Understanding Artifact Composition) for organizations to…
- U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes
  A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has…
- PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
  The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled…
- Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
  Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware…
- Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Installs Compromised
  PHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack…