Storia in 2 fonti

How `shieldcortex audit --deps` Catches the parikhpreyash4 Supply-Chain Attack

A 700-repo npm supply-chain campaign drops /tmp/.sshd and bolts a fake "Dependency Cache Sync" step into your GitHub Actions. Here's the one-liner that flags it before npm install ever runs.

Raccontata da

thehackernews.com

dev.to

Confronto fonti

2 prospettive sulla stessa storia

AI · summaries

dev.toStai leggendo1 g fa

How `shieldcortex audit --deps` Catches the parikhpreyash4 Supply-Chain Attack

A 700-repo npm supply-chain campaign drops /tmp/.sshd and bolts a fake "Dependency Cache Sync" step into your GitHub Actions. Here's the one-liner that flags it before npm install ever runs.

originale

thehackernews.com1 g fa

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

8 Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.

Leggi questa versione → originale

Timeline cronologica

sabato 23 maggio 2026·thehackernews.com
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
8 Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.
sabato 23 maggio 2026·dev.to
How `shieldcortex audit --deps` Catches the parikhpreyash4 Supply-Chain Attack
A 700-repo npm supply-chain campaign drops /tmp/.sshd and bolts a fake "Dependency Cache Sync" step into your GitHub Actions. Here's the one-liner that flags it before npm install…