InfoWorld

Infected Red Hat npm packages expose developer credentials

Researchers have uncovered a new Shai-Hulud malware variant targeting Red Hat-related npm packages, spreading through ...
Martin Cid Magazine

Malicious code hid inside Red Hat’s npm packages and spread to steal cloud keys

Security researchers found malicious code buried inside more than 30 of Red Hat's official software packages, built to ...

Malicious npm package targeting OpenAI Codex users steals authentication tokens

The tool gathered over 29,000 downloads before the malicious npm package was identified ...
Bleeping Computer

Red Hat npm packages compromised to steal developer credentials

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, ...
The Hacker News

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...
InfoWorld

Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.