Over half of the malware Sonatype discovered in Q1 2025 was designed to exfiltrate sensitive information from infected systems, the company said. Software supply chain security company Sonatype ...
Morning Overview on MSN
North Korea-linked hackers used fake Teams updates to hit Axios npm
Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...
Due to automation and a high-reward, low-risk threat environment, open source malware increased 188% year over year in the second quarter of this year. Supply-chain security vendor Sonatype today ...
A malicious campaign targeting developers through npm and GitHub repositories has been uncovered, featuring an unusual method of using Ethereum smart contracts to conceal command-and-control (C2) ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results