Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden

Found 23 hours ago ago at Arstechnica

It has been a bad six weeks for security firm Checmarx. Over the past 40 days, it has been the victim of at least one supply chain attack that delivered malware to customers on two separate occasions. Now it has been hit by a ransomware attack from prolific fame seeking hackers. The streak of misfortunes started on March 19, with the supply chain attack of Trivy, a widely used vulnerability scanner. The attackers behind the breach first breached the Trivy GitHub account and then used their...

Read the full article at Arstechnica

More Developer News

OpenAI Codex system prompt includes explicit directive to "never talk about goblins"

Found 15 hours ago at Arstechnica

Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden

Found 23 hours ago at Arstechnica

GitHub will start charging Copilot users based on their actual AI usage

Found 1 day ago at Arstechnica

Open source package with 1 million monthly downloads stole user credentials

Found 2 days ago at Arstechnica

GitHub Copilot shifts to usage-based pricing June 1 - why that's no surprise

Found 2 days ago at All About Microsoft