: Mini Shai-Hulud caught spreading credential-stealing malware
Jessica Lyons Jessica Lyons
Ongoing supply-chain attack 'explicitly targeting' security, dev tools
Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise
1K+ cloud environments infected following Trivy supply chain attack
AI recruiting biz Mercor says it was 'one of thousands' hit in LiteLLM supply-chain attack
Cybercrooks ruin engineers' weekends with Saturday attack
Six-minute supply chain blitz pushed 84 malicious versions with credential theft and disk-wiping code
All your compromised credentials are belong to us now instead of the other gang
Where it’s been well and truly forked, seemingly without Microsoft’s code locker noticing
New IElevator2 COM interface? No problem
Incident hitting npm users is likely the biggest supply-chain attack ever.
