News

The Hacker News2h

Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads

In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub ...

Hackers breach Toptal GitHub account, publish malicious npm packages

Hackers compromised Toptal's GitHub organization account and used their access to publish ten malicious packages on the Node ...

npm 'accidentally' removes Stylus package, breaks builds and pipelines

Stylus library and replaced them with a "security holding" page, breaking pipelines and builds worldwide that rely on the package.
SecurityWeek4d

High-Value NPM Developers Compromised in New Phishing Campaign

Hackers have injected malware into popular NPM packages after compromising several developer accounts in a fresh phishing campaign.
CSO Online6d

Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack

DLL-based malware targets Windows users after a phishing campaign tricked the maintainer into leaking a token.
The Register on MSN3d

Freelance dev shop Toptal caught serving malware after GitHub account break-in

Malicious code lurking in over 5,000 downloads, says Socket researcher Developer freelancing platform Toptal has been ...
OSTechNix6d

Starship Prompt: Customize Your Linux Shell with Ease

Learn how to install and customize the Starship shell prompt on Linux. Make your terminal faster, cleaner, and more useful in just minutes.