Cyber Daily

GitHub to address npm supply chain as CISA warns of spreading Shai-Halud worm

Popular code repository to take action against hackers targeting popular JavaScript code packages to spread malware.
ZDNet

How to use GitHub's AI coding assistant for free - and why it's worth a try

Before we begin, I will share one cautionary note. In my testing of the free GitHub Copilot's programming prowess, the AI failed half of my tests. That's not great. Paid subscriptions offer access to ...
SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent compromise of Josh Junon (Qix), the maintainer of 18 NPM packages that have ...

Salesloft says Drift customer data thefts linked to March GitHub account hack

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...

Hackers claim they stole 1.5 billion Salesforce records from hundreds of companies in major hack - but are they telling the truth?

ShinyHunters have finally revealed how much data it stole in the Salesloft / Salesforce attack, claiming to have taken 1.5 ...

ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks

The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens.