Tag: maintainers
-
Krebs on Security: 18 Popular Code Packages Hacked, Rigged to Steal Crypto
Source URL: https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/ Source: Krebs on Security Title: 18 Popular Code Packages Hacked, Rigged to Steal Crypto Feedly Summary: At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The…
-
The Register: Boffins build automated Android bug hunting system
Source URL: https://www.theregister.com/2025/09/04/boffins_build_automated_android_bug_hunting/ Source: The Register Title: Boffins build automated Android bug hunting system Feedly Summary: AI agent system said to have found more than 100 zero-day flaws in production apps AI models get slammed for producing sloppy bug reports and burdening open source maintainers with hallucinated issues, but they also have the potential to…
-
Slashdot: Defense Department Reportedly Relies On Utility Written by Russian Dev
Source URL: https://tech.slashdot.org/story/25/08/27/2026245/defense-department-reportedly-relies-on-utility-written-by-russian-dev?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Defense Department Reportedly Relies On Utility Written by Russian Dev Feedly Summary: AI Summary and Description: Yes Summary: The article highlights concerns over the fast-glob utility, widely used in Node.js applications, particularly within U.S. Department of Defense systems. Maintained by a Russian developer with ties to Yandex, the lack…
-
The Register: Putin on the code: DoD reportedly relies on utility written by Russian dev
Source URL: https://www.theregister.com/2025/08/27/popular_nodejs_utility_used_by/ Source: The Register Title: Putin on the code: DoD reportedly relies on utility written by Russian dev Feedly Summary: Fast-glob is widely used in government, security lab says A Node.js utility used by thousands of public projects – and more than 30 Department of Defense ones – appears to have a sole…
-
The Register: Secure chat darling Matrix admits pair of ‘high severity’ protocol flaws need painful fixes
Source URL: https://www.theregister.com/2025/08/13/secure_chat_darling_matrix_admits/ Source: The Register Title: Secure chat darling Matrix admits pair of ‘high severity’ protocol flaws need painful fixes Feedly Summary: Foundation warns federated servers face biggest risk, but single-instance users can take their time The maintainers of the federated secure chat protocol Matrix are warning users of a pair of “high severity…
-
The Register: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks
Source URL: https://www.theregister.com/2025/08/11/russias_romcom_among_those_exploiting/ Source: The Register Title: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks Feedly Summary: A few weeks earlier ‘zeroplayer’ advertised an $80K WinRAR 0-day exploit Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.… AI Summary and Description:…