News

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...
SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

Chinese malware is flooding GitHub pages - HiddenGh0st, Winos and kkRAT hit devs via SEO poisoning

Chinese users looking to download popular browsers and communications software are being targeted by different malware ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
TechRadar

GitHub unveils its huge code search makeover

With developers typically spending more time reading and understanding code than actually writing it, GitHub has released a new code search tool that has been several years in the making. After an ...
The Hacker News

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

August 2025 campaigns deliver kkRAT and Gh0st RAT variants via SEO poisoning, disabling antivirus to hijack crypto wallets.
Fireship on MSN

5 Ways to DevOps-ify your App | Github Actions Tutorial

Five easy ways to automate your software development process with Github Actions. Lean how to build CI/CD pipelines and other ...

GitHub’s New SpecKit Guide : The Future of AI-Assisted Software Development

Discover how GitHub's SpecKit transforms AI coding with spec-driven development, offering reliability, efficiency, and ...