cognitive cybersecurity intelligence
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server.
“Every existing tag in the repository has been moved to point to an imposter commit that does not appear in the action’s normal commit history,
Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.
A large-scale npm supply chain attack has compromised multiple widely used packages within the @antv ecosystem, to investigate what appears to be an active and
Fast16 Malware Targets Nuclear Weapons Simulations To Corrupt Test Data cyberpress.org
“I thought it was a Steam game”… Malicious code found planted on users’ PCs Inven Global
‘Mini Shai-Hulud’ Malware Campaign Compromises Open-Source Packages in Major Supply Chain Attack CXO Digitalpulse
