
npm registry attacked by secret-stealing worm
A new large-scale attack on a popular JavaScript code registry has hit around 150 packages. The automatic propagation of the threat makes it especially dangerous — developers need to react ASAP.
5 articles
A new large-scale attack on a popular JavaScript code registry has hit around 150 packages. The automatic propagation of the threat makes it especially dangerous — developers need to react ASAP.
A popular developer tool has been trojanized and is uploading secrets to public GitHub repositories. We discuss what’s important to know for both developers and cybersecurity services.
Attacks on companies via their suppliers and contractors are becoming increasingly widespread. How can you manage this risk?
What IT and cybersecurity leaders need to know about implementing network detection and response.
Analyzing incidents and drawing lessons from them should be an integral part of the incident response process. This can help improve the overall security level of a company.