Supply Chain Attack Hits Axios NPM Packages
Axios is a dependency in nearly 80% of all cloud and code environments and sees approximately 100 million downloads per week.
The bug is a command injection issue and lies in the way that Codex processed GitHub branch names during the execution of tasks.
TeamPCP’s latest victim is the Telnyx Python SDK on PyPI, coming after a wave of supply chain hits on Aqua Trivy, Checkmarx KICS/OpenVSX, and LiteLLM.
Technology moves quickly, and as we’re discovering yet again, threat actors move just as quickly, and are adopting AI tools and platforms at an astonishing rate.
Aleksei Volkov, 26, has been sentenced to almost seven years in prison for his role in facilitating Yanluowang ransomware group attacks.
Wendy Nather joins Dennis Fisher to dig into the nutrient-rich narrative soil that produced a modern classic that truly epitomizes the hacker ethos. We are the greatest podcasters on Mars!