At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...

With the ttyd command line tool, you can transform your terminal into a live, interactive web app that anyone can access with a link.

Cloudflare last week pinned the attack on a threat group it tracks as GRUB1 that aligns with UNC6395. And it's suspected that ...

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...

Salesloft said it has restored the integration between its Drift platform and Salesforce after an investigation by Mandiant linked an August supply chain attack to the compromise of Salesloft’s GitHub ...

Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed ...

Paytrie AB Inc., a platform for buying and selling stablecoins, is joining the Circle Payments Network in what it says is an ...

GPUGate malware uses Google Ads and fake GitHub commits to steal data from IT firms since Dec 2024, bypassing sandboxes and GPU-lacking systems.

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...