by Beck Bailey | Sep 8, 2025 | RSS
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have...
by Beck Bailey | Sep 8, 2025 | RSS
An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account for billions of weekly downloads.
by Beck Bailey | Sep 8, 2025 | RSS
Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft...
by Beck Bailey | Sep 8, 2025 | RSS
Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop. While malvertising campaigns have become...
by Beck Bailey | Sep 8, 2025 | RSS
Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is...
Recent Comments