GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
PRIMETIMER

Source Code ending explained: Did Colter really save the train?

Source Code ending explained as Colter saves the train in a parallel reality, but the ending leaves Sean Fentress’ fate deeply unsettling ...
The Register on MSN

Switzerland built a secure alternative to BGP. The rest of the world hasn't noticed yet

SCION: Proven in banking and healthcare, slow to spread everywhere else Feature BGP, the Border Gateway Protocol, was not designed to be secure. It was designed to work – to route packets between the ...
GitHub

browser-use-mcp-server

An MCP server that enables AI agents to control web browsers using browser-use. 🌐 Want to Vibe Browse the Web? Open-source AI-powered web browser - Vibe Browser.
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...