An automated attack campaign with over 10,000 manipulated GitHub repositories targets AI agents to steal credentials and cryptocurrency wallet data using the infostealer StealC.
Attackers from the Atomic Arch campaign infiltrate over 1,500 orphaned AUR packages with eBPF-based rootkits for credential theft, prompting Arch Linux to halt new account registrations.
A supply-chain attack via a manipulated CDN conceals admin accounts and web shells on over 1.2 million WordPress websites; infections are not detectable through the standard dashboard.
A self-replicating worm compromises 73 Microsoft repositories through stolen administrative credentials, exploiting the trust model of GitHub and npm without leveraging software vulnerabilities.
Two years after a supply-chain attack on polyfill.io, the compromised domain caused fake login prompts on websites of major brands through leftover code.
axios versions 1.14.1 and 0.30.4 contain malware; affected systems and additional npm packages require immediate downgrade to secure versions, with compromised systems considered fully breached.