OpenSSF Notes Quarter of Growth with New Members, Added AI Security Resources, and Growing Community

The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation focused on sustainably ...
Dark Reading

Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems

A Taiwanese student experimenting with software-defined radio shut down three bullet trains for nearly an hour, leading to an ...
Dark Reading

Interpol's 'Operation Ramz' Pioneers Cross-Region Collabs in Middle East

While the numbers are modest, the crackdown on cybercrime involved 13 countries in the MENA region, the largest ...

Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings ...
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

OpenAI Launches Daybreak the Same Day Google Confirmed the First AI-Built Zero-Day Attack

On May 11, the same day Google's Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build ...
Opinion

The software supply chain is the new ground zero for enterprise cyber risk. Don’t get caught short

The software supply chain is the new ground zero for enterprise cyber risk. Don't get caught short - SiliconANGLE ...

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...
Infosecurity Magazine

GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...
Fireship on MSN

How a 732-byte Python script exploited Linux

A 732-byte Python script has uncovered a significant vulnerability in the Linux kernel, affecting users worldwide. Explore ...

GitHub investigating cyberattack linked to malicious VS Code extension and leaked internal repositories

GitHub is investigating a cyberattack linked to a malicious VS Code extension after hackers allegedly accessed thousands of ...
The Hacker News

Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access

Turla turns Kazuar into a 3-module P2P botnet, enabling stealthy C2, resilient tasking, and persistent access.