Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This ...
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to ...
Russian hackers are trying to sneak infostealers onto people's devices to grab passwords, crypto, and more.
A fake GitHub repository campaign created hundreds of malicious projects that impersonated legitimate software and cybersecurity tools. The repositories directed users to deceptive download pages that ...