New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
GitHub

quotar/opencode-ssh-mcp

An MCP (Model Context Protocol) server for SSH remote server management via AI agents like opencode - quotar/opencode-ssh-mcp ...
GitHub

ssh-certificate-login.mdx

About this tutorial Learn how to configure OpenSSH and SSHD for certificate authentication using step-ca Examples include copy/paste code blocks and pre-generated PKI. When complete, you will be able ...