A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.

Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web ...

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...

According to Guillemet, the malicious code — already pushed into packages with over 1 billion downloads — is designed to silently swap crypto wallet addresses in transactions. That means unsuspecting ...

The vendor was one of a many whose code modules were infected by a never before seen strand of malware known as "Shai-Hulud." ...

A new supply chain attack on npm, the node package manager, has injected the first malware with self-replicating worm ...

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...

So far, according to recent court filings, the DOJ has already terminated monitorships for three firms that agreed to them under the Biden administration. Additionally, prosecutors stated they would ...

Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm that steals secrets like API key, tokens, and cloud credentials and sends them to external servers that ...

GenAI-powered Ask Zia Virtual Agent, Workflow Assist, and Script Generator are the Latest in a Series of AI Capabilities ...