Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...
The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
A growing range of native macOS features are being repurposed by attackers to execute code, move laterally and evade ...
Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...
Hamster Kombat has rapidly grown into one of the most widely recognised tap-based games since its launch in 2024, attracting ...
Threat actors are abusing the QEMU machine emulator to hide their malicious activity within virtualized environments.
Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
OpenAI is releasing more than 90 new plugins. These connectors—including CircleCI, GitLab, and Microsoft Suite—allow the ...
North Korean hackers used AppleScript and ClickFix in recent attacks targeting macOS systems at financial organizations.
Two newly discovered macOS threats are designed to harvest developer credentials and cloud access as attackers focus on ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results