Memeburn

Microsoft Open-Source Tools Hacked to Steal AI Developers’ Passwords

Microsoft GitHub hack hit open-source AI tools, exposing developer passwords and cloud credentials. Here’s why SA tech teams ...
Tech Times

Homebrew 6.0.0 Adds Tap Trust to Block Rogue Ruby Installs, Starts Intel Countdown

Homebrew 6.0.0 shipped June 11 with tap trust, a mechanism that blocks arbitrary Ruby code from third-party taps until ...
SecurityWeek

OpenSSL Patches High-Severity Vulnerability Found With AI

The latest OpenSSL releases patch 18 vulnerabilities, including a high-severity issue that could allow remote code execution.
Computing

Microsoft’s GitHub repositories taken offline amid Miasma supply chain attack

Dozens of Microsoft-owned software repositories have been taken offline following a major cyberattack linked to the rapidly ...

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...
GitHub

README.md

OpenSSL Jostle is a Java provider that uses the OpenSSL Library for the cryptographic implementation. This is a collaboration between the OpenSSL Corporation and the Legion of the Bouncy Castle. This ...
Cryptopolitan

Attackers trojanized Arweave’s WeaveDB npm package to deploy malware

A malware named IronWorm spread through 36 npm packages in the Arweave ecosystem, stealing developer credentials and self ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...