Software Supply Chain

Fuatilia

Seventy-three Microsoft open source packages were compromised late last week with malware that steals credentials from cloud services and developer tools. The malicious code activates when opened in AI coding agents.

Imeripotiwa na AI

Thousands of fake packages have inundated the npm registry, signaling a major cyber attack. The campaign appears to be preparing for a larger malicious operation, according to security reports. This incident highlights ongoing vulnerabilities in open-source software ecosystems.

Alhamisi, 30. Mwezi wa kumi 2025, 04:40:20

Malicious npm packages deliver infostealer malware to developers

Jumatatu, 20. Mwezi wa kumi 2025, 00:09:47

Backdoor in XZ Utils exposes Linux security risks

Jumamosi, 13. Mwezi wa tisa 2025, 00:39:20

Red Hat Introduces Rekor Monitor for Artifact Signer

Tovuti hii inatumia vidakuzi

Tunatumia vidakuzi kwa uchambuzi ili kuboresha tovuti yetu. Soma sera ya faragha yetu kwa maelezo zaidi.
Kataa