Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

Gitpaste-12: A dozen exploits that silently lived on GitHub, attacked Linux servers

By Ax Sharma on November 08, 2020 github

5 minute read time

Gitpaste-12, a worming botnet, is extremely versatile in its advanced capabilities as it leverages trustworthy sites like GitHub and Pastebin to host itself.

Read More...

Octopus Scanner compromises 26 OSS projects on GitHub

By Brian Fox on May 31, 2020 #OSSsecurity

4 minute read time

The Octopus Scanner malware compromised 26 open source projects hosted on GitHub in a new form of software supply chain attack targeting NetBeans projects.

Read More...

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

Gitpaste-12: A dozen exploits that silently lived on GitHub, attacked Linux servers

Octopus Scanner compromises 26 OSS projects on GitHub

Secure your software supply chain

Subscribe for all the latest software security news and events