GitHub is finally tightening up security around npm following multiple attacks

GitHub will enforce 2FA and deprecate legacy tokens to improve package publishing security. Trusted Publishing will…

NPM packages from Nx targeted in latest worrying software supply chain attack

When a token with publishing rights was stolen, multiple poisoned Nx variants were released. The malware…

Chinese malware is flooding GitHub pages – HiddenGh0st, Winos and kkRAT hit devs via SEO poisoning

Chinese users are being targeted by malware campaigns using spoofed download sites and SEO poisoning. kkRAT…

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

GhostAction attack stole 3,325 secrets from 327 GitHub accounts. GitGuardian helped shut it down and alerted…

Hook v3 unleashes a shocking arsenal of ransomware overlays, fake banking prompts, spyware functions, and real-time device monitoring

Hook v3 uses fake Google Pay overlays to trick victims into surrendering sensitive card data. Real-time…

GitHub CEO resigns – is this the latest sign of its Microsoft absorption?

Thomas Dohmke resigns as GitHub CEO, effective by the end of 2025. GitHub is getting closer…
