Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
AWS recently announced ExtendDB, a DynamoDB-compatible adapter that lets developers use the DynamoDB API with different ...
Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.
A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. The malware targets 86 environment variables (key-value pairs) and ...
When embedded developers obtain a board or chip, it’s typically tied to a board support package (BSP) or software development kit (SDK). So what’s the difference between the two? Not all that much ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results