Explore >> Select a destination

You are here

 socket.dev
Popular Tinycolor npm Package Compromised in Supply Chain At...
| | www.sysdig.com
Detecting and Mitigating the "tj-actions/changed-files" Supply Chain Attack (CVE-2025-30066) | Sysdig
1.8 parsecs away

Travel
| | On March 14, 2025, StepSecurity uncovered a compromise in the popular GitHub Action tj-actions/changed-files. Tens of thousands of repositories use this
| | www.sonatype.com
Ongoing npm Software Supply Chain Attack Exposes New Risks
1.2 parsecs away

Travel
| | Sonatype uncovers a wormable npm software supply chain attack compromising over 180 packages, following S1ngularity and Chalk/Debug campaigns.
| | blog.abhimanyu-saharan.com
CVE-2025-54313: Prettier Config Package Hijacked
1.7 parsecs away

Travel
| | A high-severity CVE exposed eslint-config-prettier to a supply chain attack via a phishing compromise. Learn what happened, who's affected, and how to fix it.
| | www.syntaxbearror.io
Bear Security - Security News for the Week of July 5th, 2021 | Syntax Bearror
18.0 parsecs away

Travel
| Supply Chain Attack on MSPs leave thousands with ransomware, Print Spooler woes continue with Windows, and more on this week's episode of Bear Security.