SwissBorg $41M hack, hidden malicious npm code, sanctions on Southeast Asian networks, California launderer's sentencing, ...

Discover GitHub’s SpecKit, the tool transforming AI coding with precision, reliability, and seamless workflows. Say goodbye to vibe coding!

安全公司Wiz发现Nx供应链攻击影响持续扩大，研究团队指出，攻击者除了在初期窃取环境变量与凭证外，还进一步滥用外流的GitHub权限，将至少6,700个原本属于私有的存储库遭公开，涉及至少480个账号，其中三分之二为组织。这些动作让事件从单纯的恶意组 ...