资讯

The Hacker News

40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials

The malicious JavaScript code ("bundle.js") injected into each of the trojanized package is designed to download and run TruffleHog, a legitimate secret scanning tool, using it to scan the host for ...
CSO Online

Alert: Exploit available to threat actors for SAP S/4HANA critical vulnerability

“While widespread exploitation has not yet been reported,” Germany-based SecurityBridge said in a blog on Thursday, it has ...