The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages that belong to multiple maintainers. "The compromised ...
GitHub

m-hagry/github-activity-analyzer

The GitHub Activity Analyzer extracts, processes, and analyzes GitHub activity data from organizations or specific repositories to provide insights into: ...
GitHub

Automated CI/CD Pipeline for a Multi-Container Movie Review App

This project demonstrates how to build and deploy a microservices-style web application using modern DevOps tools. The app consists of a frontend, backend, and database, all containerized with Docker, ...
Bleeping Computer

Salesloft: March GitHub repo breach led to Salesforce data theft attacks

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in widespread Salesforce data theft attacks in August. Salesloft is a widely ...
Bleeping Computer

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked. According to a post-incident ...