Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
Reporters Without Borders

World Day Against Cyber Censorship: RSF unveils new US room in its Minecraft Uncensored Library

To mark World Day Against Cyber Censorship on March 12, Reporters Without Borders (RSF) has opened a new room in the Uncensored Library, a virtual library within Minecraft, the world’s best selling ...