The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...
The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

Hopper Launches SUPPLYSHIELD(TM): A Secure Open Source Supply Layer Delivering Zero-CVE, Malware-Free Components Through a Trusted Registry

SUPPLYSHIELD combines large-scale AI systems with human validation to maintain secure versions of libraries across the full dependency tree. When new vulnerabilities are disclosed, the platform ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
The Hacker News

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The U.S. State Department has officially launched the Bureau of Emerging Threats, a new unit tasked with protecting U.S.
Tom's Hardware on MSN

One of JavaScript's most popular libraries compromised by hackers

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
CDOTrends

7 Key Considerations for Choosing Container Base Images for Java Apps

At first glance, choosing the best container base image for a Java application may seem simple enough. Teams tend to approach the issue by optimizing layer by layer: they choose the smallest base ...