packages
-
Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution
A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution…
Read More » -
GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped…
Read More » -
North Korean Hackers Targets Job Seekers with Fake FreeConference App
North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part…
Read More » -
Researchers Find Over 22,000 Removed PyPI Packages at Risk of Revival Hijack
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in…
Read More » -
North Korean Hackers Target Developers with Malicious npm Packages
Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry,…
Read More » -
GitHub Vulnerability ‘ArtiPACKED’ Exposes Repositories to Potential Takeover
A newly discovered attack vector in GitHub Actions artifacts dubbed ArtiPACKED could be exploited to take over repositories and gain…
Read More »