Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

The leaked token, accidentally embedded by the company’s employee in a public repository, might have provided an attacker ...

Hackers used the secrets stolen in the recent Nx supply chain attack to publish over 6,700 private repositories publicly.

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...

At the same time, security researchers Wiz released a separate announcement, saying the malicious versions were carrying infostealing malware, grabbing secrets such as GitHub and NPM tokens, SSH keys, ...

On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian's monitoring data, we analyzed the ...

According to researchers at Wiz, those poisoned packages were laden with malware designed to siphon secrets from developers, such as GitHub and NPM tokens, SSH keys, and cryptocurrency wallet details.

Researcher at DEF CON reveals some critical challenges in widely used SSH protocol and provider recommendations on how to make it better. The Secure Shell (SSH) protocol serves as the backbone of ...

Thomas Dohmke, chief executive of Microsoft Corp.’s GitHub unit, today announced plans to step down. Axios reported that the tech giant doesn’t plan to appoint a new CEO for the business. Instead, it ...

Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as beginning of May 2025, with about 70% of detections ...

When using remote development environments, which heavily rely on SSH connections, developers frequently encounter an issue where Bitwarden repeatedly prompts for authorization of SSH key usage. This ...