InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

GitHub investigates internal repositories breach claimed by TeamPCP

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...

GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious ...
Microsoft

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...