pull down to refresh

400+ AUR Packages Compromised with Infostealer and Rootkitdiscourse.ifin.network/t/400-aur-packages-compromised-with-infostealer-and-rootkit/577
288 sats \ 4 comments \ @k00b 12 Jun security tech
related
🚨 CRITICAL: supply chain attack on axios
1626 sats \ 8 comments \ @justin_shocknet 31 Mar devs
Supply Chain Attack in litellm 1.82.8 on PyPIfuturesearch.ai/blog/litellm-pypi-supply-chain-attack/
373 sats \ 0 comments \ @Scoresby 24 Mar devs
Apple - love it or hate it? 🍏
109.6k sats \ 44 comments \ @davidw 3 Mar 2024 privacy
The Curious Case of Digital Signatures
22.5k sats \ 60 comments \ @ek 23 Feb 2024 crypto
Multiple redhat-cloud-services npm Packages compromised - StepSecuritywww.stepsecurity.io/blog/multiple-redhat-cloud-services-npm-packages-compromised
776 sats \ 1 comment \ @winteryeti 2 Jun tech
firefox-patch-bin, librewolf-fix-bin and other AUR packages contain malwarelists.archlinux.org/archives/list/aur-general@lists.archlinux.org/thread/7EZTJXLIAQLARQNTMEW2HBWZYE626IFJ/
408 sats \ 2 comments \ @k00b 24 Jul 2025 security
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaignthehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html
1134 sats \ 5 comments \ @Scoresby 23 Apr tech devs
Compromised npm package silently installs OpenClaw on developer machineswww.csoonline.com/article/4135449/compromised-npm-package-silently-installs-openclaw-on-developer-machines.html
422 sats \ 4 comments \ @winteryeti 24 Feb AI
Tinycolor npm Package Compromised in (another) Supply Chain Attacksocket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
1053 sats \ 3 comments \ @aljaz 16 Sep 2025 security
Antoine Poinsot: Addressing Concerns on Relaxing Bitcoin Core's OP_RETURN Limits
6943 sats \ 8 comments \ @OneOneSeven 14 May 2025 bitcoin
We Just Found Malicious Code in the Popular NPM Packagejdstaerk.substack.com/p/we-just-found-malicious-code-in-the
1497 sats \ 18 comments \ @kristapsk 8 Sep 2025 security
Arch Linux AUR Hit By Another Wave Of Now More Sophisticated Malware Attackwww.phoronix.com/news/Arch-Linux-AUR-More-Malware
429 sats \ 0 comments \ @zuspotirko 2h tech devs
dirtyfrag: Universal Linux LPE - V4belgithub.com/V4bel/dirtyfrag
1024 sats \ 1 comment \ @Scoresby 7 May tech devs
Experts found 3 malicious packages hiding crypto miners in PyPi repositorysecurityaffairs.com/156897/malware/malicious-packages-pypi-repository.html
813 sats \ 2 comments \ @Gian 5 Jan 2024 security
Thousands of Linux Systems Infected By Stealthy Malware Since 2021arstechnica.com/security/2024/10/persistent-stealthy-linux-malware-has-infected-thousands-since-2021/
250 sats \ 0 comments \ @0xbitcoiner 4 Oct 2024 security
Fake Ledger Nano S Plus's being sold on third-party marketplaces - BitcoinNewsx.com/BitcoinNewsCom/status/2044890362037125281
487 sats \ 3 comments \ @Scoresby 16 Apr news bitcoin
Coruna: The Mysterious Journey of a Powerful iOS Exploit Kitcloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit
1067 sats \ 0 comments \ @k00b 5 Mar tech
New Linux glibc flaw lets attackers get root on major distroswww.bleepingcomputer.com/news/security/new-linux-glibc-flaw-lets-attackers-get-root-on-major-distros/
741 sats \ 11 comments \ @ch0k1 1 Feb 2024 security
OpenAI's macOS app-signing was exposed to Axios supply chain attackopenai.com/index/axios-developer-tool-compromise/
783 sats \ 1 comment \ @k00b 12 Apr AI
GitHub suffers a cascading supply chain attack compromising CI/CD secretswww.infoworld.com/article/3849245/github-suffers-a-cascading-supply-chain-attack-compromising-ci-cd-secrets.html
389 sats \ 2 comments \ @ch0k1 21 Mar 2025 security
Lazarus Infects New Batch of JavaScript Packages With Crypto Stealing Malwaredecrypt.co/309669/lazarus-javascript-crypto-stealing-malware
1161 sats \ 0 comments \ @k00b 13 Mar 2025 security