SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
winbuzzer.com

90% of Claude Code Output Lands in Low-Star GitHub Repos

Anthropic’s Claude Code surpassed 20 million commits across more than one million GitHub repositories this week, yet a third-party tracking dashboard revealed a striking imbalance: roughly 90% of that ...
GitHub

JavaScript Sandboxing Research

This is an AI-generated research report. All text and code in this report was created by an LLM (Large Language Model). For more information on how these reports are created, see the main research ...
GitHub

EBI-Metagenomics/fetch_tool

The tool has a number of options, with sensible defaults for the most common use cases. Setup the configuration file, the template fetchdata-config-template.json for the configuration file.
Bleeping Computer

Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen data in 30,000 GitHub ...