Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings ...

OpenAI Launches Daybreak the Same Day Google Confirmed the First AI-Built Zero-Day Attack

On May 11, the same day Google's Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build ...
Morning Overview on MSN

The AI-generated zero-day discovered by Google used clean 'textbook' Python code — a hallmark of large language model output

The exploit code was almost too neat. When Google’s Threat Intelligence Group flagged a previously unknown software ...
cybernews

Supply chain hit once again: single NPM account pushes 600+ compromised packages, used by millions

Another massive supply chain attack is spreading. Hundreds of compromised NPM packages are being detected, with hackers using stolen secrets to create over 2,200 public GitHub repositories, all ...
Techlomedia

GitHub Investigating Unauthorized Access to Internal Repositories, Says Customer Data Not Impacted

GitHub has confirmed that it is investigating unauthorized access to some of its internal repositories. The company shared ...

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

Leaked Shai-Hulud malware fuels new npm infostealer campaign

The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected ...
Microsoft

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects ...
Dark Reading

Shai-Hulud Worm Clones Spread After Code Release

The release of Shai-Hulud source code spells trouble for software developers as researchers worry the self-replicating worm ...
SlashGear

6 Home Office Projects That Use An Arduino Uno Rev3 Board

When it comes to performance, there's a world of difference between the Raspberry Pi and Arduino. The former, after all, is technically a fully functional computer that can run games, word processors, ...