GIGAZINE

GitHub tokens leaked from prominent open source projects from Google and Microsoft

It has been discovered that GitHub authentication tokens have been leaked from several well-known open source projects on GitHub, including those from Google, Microsoft, Amazon Web Services (AWS), and ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
Bleeping Computer

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked. According to a post-incident ...
TechRadar

NPM packages from Nx targeted in latest worrying software supply chain attack

When a token with publishing rights was stolen, multiple poisoned Nx variants were released The malware stole secrets and other important data The attack lasted a few hours, but could be causing ...