The Register
1 month, 1 week ago
Miasma worms its way onto GitHub as attack kit goes open source
As if there weren't enough package poisonings to worry about
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
As if there weren't enough package poisonings to worry about
'Attackers can now cheaply operationalize known vulnerabilities at scale,' boffins tell The Reg
Plus, the payload references 'TeamPCP/LiteLLM method' Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as it moves through developers' environments, and it shares significant overlap with the open source infections attributed to TeamPCP last month.…