Supply chain attack hits 300 million-download Axios npm package

�� CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios@1.14.1 now pulls ...

SSM Health Dean sues orthopedic surgeons leaving to start competing practice

SSM Health Dean was a planning an orthopedics ambulatory surgery center, which the new group says it will now build, along ...
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

GitHub developers targeted by fake VS Code alerts spreading malware

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...
Techzine Europe

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign is currently targeting developers via GitHub. Attackers are exploiting the Discussions feature to spread fake security ...