Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

Australia hit by 4 shark attacks in 2 days

A surfer has been attacked by a shark in the fourth incident along the coast of New South Wales in 48 hours. Meanwhile, ...

Confidential Apple data hacked in claimed Luxshare attack

Highly confidential information concerning Apple, the company’s business practices, and designs has allegedly been hacked in ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

Trump attacks on NATO allies sideline efforts to support Ukraine

Attacks by Donald Trump against his NATO allies over Greenland, the Chagos islands and the future of global security have ...
InfoWorld

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...

Federal agent shoots man in leg after Minneapolis shovel attack, officials say

The agent was acting in self-defence after being attacked with a shovel, said the Department of Homeland Security.
The Register-Herald

Australia's Parliament passes gun laws, and debates anti-hate speech bill after Sydney attack

Australia’s Parliament has passed new gun restrictions and begun debating proposed anti-hate speech laws after two shooters ...
The Caledonian-Record

Former Uvalde officer acquitted in trial over police response to Robb Elementary attack

A former Uvalde schools police officer who was among the first to respond to the mass shooting at a Texas elementary school has been acquitted of criminal charges that he ...
CSO Online

From typos to takeovers: Inside the industrialization of npm supply chain attacks

A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, ...