The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.
SecurityWeek

‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains

The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide ...