New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
GitHub

SSH Config All-In-One

Enhanced SSH Config Language Server extension for Visual Studio Code. Provides autocompletion, syntax highlighting, formatting, go to include file definitions, hover support, and quick connection ...
TechJuice

SAP npm Packages Compromised in Mini Shai-Hulud Supply Chain Attack

Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.
MUO on MSN

I stopped dreading the terminal after finding these 4 tools

Adapt the old ways.
GitHub

An AI-native kanban board for tmux.

⚠️ Beta. This is a vibe-coded project. It has been dogfooded for two weeks without issues, but bugs are still possible — please file an issue if you hit one. Managing AI agents is hard — especially ...
Security Boulevard

Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...
Hackaday

Authenticate SSH With Your TPM

You probably don’t think about it much, but your PC probably has a TPM or Trusted Platform Module. Windows 11 requires one, and most often, it stores keys to validate your boot process. Most people ...