Infosecurity-magazine.com

New Attacks Exploit VSCode Extensions and npm Packages

A recent investigation by security researchers has revealed a troubling surge in malicious campaigns exploiting popular development tools, including VSCode extensions and npm packages. These campaigns ...
InfoWorld

Wave of npm supply chain attacks exposes thousands of enterprise developer credentials

A sophisticated supply chain attack has compromised the widely-used Nx build system package and exposed thousands of enterprise developer credentials. The campaign weaponized artificial intelligence ...