News

How DevOps tools are opening the gates for high-profile cyberattacks

The leaked token, accidentally embedded by the company’s employee in a public repository, might have provided an attacker ...
Securities.io19h

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
Cyber Security Intelligence5h

AI-Powered Phishing Compromises Open-Source Downloads

The attack's genesis traces back to npm maintainer Josh Junon, known online as "qix," who fell victim to an AI-generated phishing email. According to the report, attackers crafted emails that evaded ...
Unite.AI21h

Web-Scraped AI Datasets and Privacy: Why CommonPool Deserves a Look

Artificial Intelligence (AI) has become a part of everyday life. It is visible in medical chatbots that guide patients and in generative tools that assist artists, writers, and developers. These ...