StepSecurity
Related tags:
Posts about securityPosts about malwarePosts about infrastructurePosts about kubernetesPosts about helmPosts about cyber
A Mini Shai-Hulud has Appeared: Obfuscated Bun Runtime Payloads Hit SAP-Related npm Packageselementary-data Compromised on PyPI and GHCR: Forged Release Pushed via GitHub Actions Script InjectionBitwarden CLI Hijacked on npm: Bun-Staged Credential Stealer Targets Developers, GitHub Actions, and AI ToolsTeamPCP Injects Two-Stage Credential Stealer into xinference PyPI Packagepgserve Compromised on npm: Malicious Versions Harvest Credentials and Exfiltrate to a Decentralized ICP CanisterAnnouncing Dependabot Configuration Enhancements: Cooldown and Group SupportTraefik Helm Chart Supply Chain Attack: Malicious Chart Planted in Deprecated Kubernetes Repository@velora-dex/sdk Compromised on npm: Malicious Version Drops macOS Backdoor via launchctl PersistenceBehind the Scenes: How StepSecurity Detected and Helped Remediate the Largest npm Supply Chain AttackSuspicious Tag Movement in AWS’s GitHub Action: What Happened and Why It Matters
All posts from StepSecurity