In a newly discovered supply chain attack, attackers last week targeted a range of npm-hosted JavaScript type testing ...

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with ...

GitHub is being weaponized as malware infrastructure, report warns Emmenhtal and Amadey are part of a coordinated, ...

A significant supply chain attack hit NPM after 15 popular Gluestack packages with over 950,000 weekly downloads were compromised to include malicious code that acts as a remote access trojan (RAT).

The landscape of malware analysis has significantly evolved, driven by the increasing sophistication of cyber threats and the advanced techniques being developed to combat them. Malware attacks on ...

A supply chain attack involving 21 backdoored Magento extensions has compromised between 500 and 1,000 e-commerce stores, including one belonging to a $40 billion multinational.

One of the biggest mysteries surrounding Sansec’s discovery is how the malware that kicked off the supply-chain attack managed to remain dormant and undetected for six years before coming to life.

The campaign itself was “highly targeted”, Proofpoint said, going after organizations in different industries across the US and Europe, including government, healthcare, supply chain, and retail.

Recent attacks by the state-run cyberespionage group against Ukrainian government targets included malware capable of ...

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities ...