Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.

GitHub says a poisoned VS Code extension exposed 3,800 internal repos as Binance founder CZ tells crypto devs to rotate keys.

The open source project said hackers stole its codebase and threatened to publish its source code if the company did not pay.

For protocol founders and security researchers, the incident reinforced a broader shift underway across crypto: DeFi is no longer primarily battling coding bugs. It’s battling complexity.

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

The University of Toronto, the University of British Columbia and the University of Alberta are among the largest Canadian ...

Privately-held, extended detection and response firm Trellix disclosed over the weekend that hackers found their way to its source-code repository. See Also: How Organizations Are Strengthening ...

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. Trellix is a global cybersecurity company formed from the October 2021 ...

A weekend hack that saw almost $300 million drained from a little-known crypto project has triggered a crisis of confidence among decentralized-finance investors, with users pulling billions of ...

The cryptocurrency industry is facing a severe security crisis. In just under 20 days, digital asset platforms have lost more than $605 million to cyberattacks. The latest and most devastating ...