GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

What Do Identity Theft Protection Services Do, and Are They Worth It?

Odds are good you’ve encountered an identity theft protection service in the last year, even if you weren’t looking to sign ...

Critical Chrome Security Flaws Threaten Billions of Users Worldwide

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
The Herald Bulletin

Iowa bars local gender identity protections after rolling back its civil rights code

Iowa has barred cities and counties from adding local protections for gender identity. The move comes after the state became ...