资讯

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
Security Boulevard2 天

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
The Security Ledger3 天

Ethereum Smart Contracts Abused In Open Source Supply Chain Attack

ReversingLabs researcher Lucija Valentić discovered malicious packages on the Node Package Manager (npm) open source ...
XDA Developers on MSN2 天

I tried "vibe coding" with ChatGPT, and the vulnerabilities made me never want to use it again

"Vibe coding" is a phenomenon that curiously differs in definition depending on who you're asking. It's a spectrum of sorts; ...
WeLiveSecurity3 天

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes

ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS ...