Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM ...

Microsoft Worm Attack Warning — Act Rapidly And Change Passwords Now

Rapidly change your password, the Microsoft security team urges as Shai-Hulud Dune Worm cloud attacks continue.
Bleeping Computer

GitHub revokes code signing certificates stolen in repo hack

GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories.
CoinDesk

Hackers Are Using Fake GitHub Code to Steal Your Bitcoin: Kaspersky

The GitHub code you use to build a trendy application or patch existing bugs might just be used to steal your bitcoin BTC $87,322.39 or other crypto holdings, according to a Kaspersky report. GitHub ...