Chainguard launches trusted collection of verified JavaScript libraries

Chainguard Libraries for JavaScript include builds that are malware-resistant and built from source on SLSA L2 infrastructure ...

Malicious Rust packages on Crates.io steal crypto wallet keys

Two malicious packages with nearly 8,500 downloads in Rust's official crate repository scanned developers' systems to steal ...
Infosecurity Magazine

Malicious AI Agent Server Reportedly Steals Emails

The security researchers who discovered the malicious npm package called it the “first malicious MCP in the wild” ...
Cyber Daily

ACSC warns Aussie organisations of ongoing targeting of code repositories

Australian Cyber Security Centre issues a high alert regarding a series of attacks on online code repositories, as experts ...