Software Supply Chain

关注

Seventy-three Microsoft open source packages were compromised late last week with malware that steals credentials from cloud services and developer tools. The malicious code activates when opened in AI coding agents.

由 AI 报道

Thousands of fake packages have inundated the npm registry, signaling a major cyber attack. The campaign appears to be preparing for a larger malicious operation, according to security reports. This incident highlights ongoing vulnerabilities in open-source software ecosystems.

此网站使用 cookie

我们使用 cookie 进行分析以改进我们的网站。阅读我们的 隐私政策 以获取更多信息。
拒绝