Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...
GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.
A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results