ADTmag

The Worm That Ate JavaScript: Inside the Shai-Hulud Supply Chain Attack

The JavaScript development community faced one of its most sophisticated supply chain attacks in September, when a ...
MediaNama

Why CERT-In Is Warning Startups and IT Companies About Dune-Inspired Malware ‘Shai-Hulud’

CERT-In has issued an advisory warning of Shai-Hulud malware that targets JavaScript’s Node Package Manager (npm) ecosystem ...

5 ways to spot software supply chain attacks and stop worms - before it's too late

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.

Exclusive: 'We will see more attacks' Ledger CTO warns after NPM breach

Charles Guillemet says a phishing-led supply-chain breach could have become a systemic disaster for crypto users.

Hackers exploited Zimbra flaw as zero-day using iCalendar files

Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in ...
InfoWorld

Chainguard offers malware-resistant JavaScript libraries

Responding to recent NPM malware attacks, Chainguard Libraries for JavaScript seeks to address security vulnerabilities in ...

Introducing Chainguard Libraries for JavaScript: Malware-Resistant Dependencies Built Entirely from Source

Chainguard, the trusted foundation for software development and deployment, today announced Chainguard Libraries for JavaScript, a collection of trusted builds of thousands of common JavaScript ...