Dark Reading

150,000 Packages Flood NPM Registry in Token Farming Campaign

A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz ...
Hackaday

This Week In Security: Landfall, Imunify AV, And Sudo Rust

Let’s talk about LANDFALL. That was an Android spyware campaign specifically targeted at Samsung devices. The discovery story ...
The Register on MSN

Crims poison 150K+ npm packages with token-farming malware

Amazon spilled the TEA Yet another supply chain attack has hit the npm registry in what Amazon describes as "one of the ...
InfoWorld

Copy-paste vulnerability hits AI inference frameworks at Meta, Nvidia, and Microsoft

Cybersecurity researchers have uncovered a chain of critical remote code execution (RCE) vulnerabilities in major AI ...