In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
search_vulns can be used to search for known vulnerabilities in software. To achieve this, it utilizes a locally built database containing various data sources about products, vulnerabilities, ...