SecurityWeek

Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack

Hackers used the secrets stolen in the recent Nx supply chain attack to publish over 6,700 private repositories publicly.
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel series — because it publishes any stolen credentials in a new public GitHub ...
SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...
Krebs on Security

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were ...
TechAnnouncer

Mastering Cloud Orchestration: Top Tools & Strategies for 2025

Kubernetes Kubernetes, often shortened to k8s, is pretty much the go-to system for handling containerized applications.
Ervik.as

Wormable Malware Causing Supply Chain Compromise of npm Code Packages

Reports surfaced that the widely used npm package @ctrl/tinycolor had been compromised by Wormable Malware as part of a ...