pull down to refresh

Tinycolor npm Package Compromised in (another) Supply Chain Attacksocket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
533 sats \ 1 comment \ @aljaz 5h security
related
Alert: ledger library confirmed compromised and replaced with a drainer.
6105 sats \ 48 comments \ @IgnaciobTato 14 Dec 2023 privacy
We Just Found Malicious Code in the Popular NPM Packagejdstaerk.substack.com/p/we-just-found-malicious-code-in-the
1397 sats \ 18 comments \ @kristapsk 8 Sep security
How to Verify the Impact of the Recent NPM Attack on My Wallets?
400 sats \ 29 comments \ @spiderman 11 Sep bitcoin
Multiple Linux Backdoors Discovered Targeting Bitcoin Core Developer -LukeDashJrlordx64.medium.com/multiple-linux-backdoors-discovered-targeting-bitcoin-core-developer-technical-analysis-793f8491f561
2269 sats \ 62 comments \ @nym 19 Jan 2023 bitcoin
We have identified and removed a malicious version of the Ledger Connect Kittwitter.com/Ledger/status/1735291427100455293
1906 sats \ 16 comments \ @0xbitcoiner 14 Dec 2023 bitcoin
The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermindwww.wired.com/story/jia-tan-xz-backdoor/
523 sats \ 2 comments \ @ch0k1 3 Apr 2024 security
NPM security: preventing supply chain attacks | Snyk (2022)snyk.io/blog/npm-security-preventing-supply-chain-attacks/
417 sats \ 20 comments \ @ek 9 Sep security
Hackers Leak Documents From Pentagon IT Services Provider Leidosarchive.is/LKUuU
492 sats \ 4 comments \ @k00b 23 Jul 2024 security
Malicious PyPi package steals Discord auth tokens from devswww.bleepingcomputer.com/news/security/malicious-pypi-package-steals-discord-auth-tokens-from-devs/
59 sats \ 0 comments \ @ch0k1 18 Jan security
Experts found 3 malicious packages hiding crypto miners in PyPi repositorysecurityaffairs.com/156897/malware/malicious-packages-pypi-repository.html
812 sats \ 2 comments \ @Gian 5 Jan 2024 security
The GitHub Actions Worm: Compromise GitHub Repos Through the Actions Dep Treewww.paloaltonetworks.com/blog/prisma-cloud/github-actions-worm-dependencies/
3819 sats \ 5 comments \ @k00b 17 Sep 2023 tech
NPM debug and chalk packages compromisedwww.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
233 sats \ 0 comments \ @hn 8 Sep tech
‼️ ATTENTION! Open Source Software is attacked!
805 sats \ 43 comments \ @DarthCoin 31 May 2023 bitcoin
Who's spying on your Bitcoin node? w/ @0xB10C | Journey to Sovereigntyjourneytosovereignty.alitu.com/episode/6d4b78cb-de83-4819-934a-d077ad836762
533 sats \ 4 comments \ @foundationdvcs 29 Mar 2023 bitcoin
Unfollow old and follow new Coinos accountnjump.me/nevent1qvzqqqqqqypzp5vla32qylgfwpj5sg5q4ct6drg264ls7hp05a8zfu7mhv0xc4y4qythwumn8ghj7cnfw33k76twv4ezuum0vd5kzmp0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qpqjxxca45xq0r2ffh8zygz0678yljpwmp9l00xvrrsw9hd9u28xwwsyv3cg8
478 sats \ 6 comments \ @ek 11 Jul nostr
Next.js shaken by level 9.1 critical exploit ...www.youtube.com/watch?v=AaCnBOqyvIM
219 sats \ 1 comment \ @ek 26 Mar security
Hacking campaign compromised at least 16 Chrome browser extensionssecurityaffairs.com/172491/hacking/chrome-browser-extensions-compromise.html
166 sats \ 0 comments \ @nym 1 Jan security
Are There Some Sample Transactions from the Recent NPM Exploits?
100 sats \ 1 comment \ @spiderman 11 Sep bitcoin
🧵 Widespread malware attack on GitHubnitter.it/stephenlacy/status/1554697077430505473
314 sats \ 14 comments \ @cryptocoin 3 Aug 2022 bitcoin
firefox-patch-bin, librewolf-fix-bin and other AUR packages contain malwarelists.archlinux.org/archives/list/aur-general@lists.archlinux.org/thread/7EZTJXLIAQLARQNTMEW2HBWZYE626IFJ/
308 sats \ 2 comments \ @k00b 24 Jul security
Critical Next.js Vulnerability Allows Attackers Bypass Middleware Authorizationthehackernews.com/2025/03/critical-nextjs-vulnerability-allows.html
204 sats \ 2 comments \ @ch0k1 25 Mar security