News

Windows Report22h
Malicious NPM packages are stealing data and damaging systems
Security experts at Socket’s Threat Research team, have discovered a campaign in the NPM ecosystem, which includes Malicious ...
Developer Tech1d
60 malicious npm packages caught mapping developer networks
The npm registry is once again in the spotlight, this time battling a malware campaign using malicious packages to map ...
GitHub2d
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All publicly available Tsunami plugins are hosted in a separate google/tsunami-security-scanner-plugins repository.
CSO Online2d
Prompt injection flaws in GitLab Duo highlights risks in AI assistants
Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...
CSO Online3d
GitHub package limit put law firm in security bind
A cautionary tale of how a developer tool limit case could derail cybersecurity protections if not for quick thinking, public ...
GitHub5d
Pterodactyl Wings
Blueprint Create and install Pterodactyl addons and themes with the growing Blueprint framework - the package-manager for ... panel repository to report any issues or make feature requests for Wings.