CybersecurityThe Hacker News5h ago

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

AI Summary

A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and S...

Read Full Article on The Hacker News

Recommended Tools

SponsoredVPN

NordVPN

Protect your online privacy with military-grade encryption and secure VPN.

Learn more →

SponsoredSecurity

1Password

Secure password manager for teams and individuals. Never reuse a password.

Learn more →

> Intelligence Brief

Stay ahead in AI & Tech

Get the top AI and tech stories delivered weekly. Curated summaries, no spam, unsubscribe anytime.

No spam. Unsubscribe anytime.

The Hacker News

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

Just now CNBC

Roblox shares plummet 18% as child safety measures weigh on bookings

Just now BleepingComputer

Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations

Just now The Hacker News

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

Just now