Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...
The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...
Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
The NHS Couch to 5k app is celebrating its 10-year anniversary having reached more than 8 million downloads.
A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...
Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
A fake repo impersonating the OpenAI Privacy Filter model racked up 244,000 downloads in under 18 hours before Hugging Face ...
The wave of supply chain attacks aimed at security and developer tools has washed up more victims, namely SAP and Intercom ...
Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results