SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent compromise of Josh Junon (Qix), the maintainer of 18 NPM packages that have ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
GitHub

Patch glibc on legacy Linux systems to enable compatibility with the latest VSCode Remote.

Since VSCode 1.99, the Remote-SSH extension pack requires glibc 2.28 or later. This is a problem for many legacy Linux systems that are stuck on older versions of ...
GitHub

AiondaDotCom mcp-ssh command injection vulnerability in SSH operations

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack Vector: This metric reflects the context by which vulnerability ...