Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...
AUTO Connected Car News

GlassWorm Supply Chain Cyber Attack Threatens Connected Cars

This is GlassWorm: a software supply chain attack that security researchers are calling one of the most sophisticated and ...