Malware exploits compromised npm packages and manipulated GitHub Actions to exfiltrate tokens and credentials directly from CI/CD environments and developer repositories.
External content references that standard scanners fail to validate enabled researchers to gain access to over 26,000 autonomous agents through fake AI extensions and Instagram advertising.
A critical CI/CD vulnerability called Cordyceps enables attackers to gain full control over repositories and compromise the supply chain of hundreds of open-source projects.
Stolen OAuth tokens from a compromised Klue integration enabled the Icarus group to gain mass access to Salesforce customer accounts through automated API queries.
144 npm packages of the Mastra Framework have been infected with an infostealer that steals wallet and browser data during installation, already affecting the heavily-used core package.