The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

The GlassWorm malware made news when it pivoted from exclusively targeting Windows users to also targeting Mac OS users in January, and in the time since, the malware campaign has spread across at ...

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain ...

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...

Now I can use any operating system I want without losing features.

A large-scale GlassWorm malware campaign targeting developer platforms appears to be significantly more extensive and ...

GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine ...

OpenAI Group PBC today announced plans to acquire Astral Software Inc., a startup with a set of widely used Python ...

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...