The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

A critical security weakness in Amazon Web Services’ CodeBuild service left GitHub repositories vulnerable to hijacking, raising fresh concerns about the resilience of cloud-based development ...

Apple informed developers today of an upcoming update to the minimum Software Development Kit (SDK) requirements for iOS, iPadOS, tvOS, visionOS, and watchOS apps. Here are the details. Apple has ...

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, ...

A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the activity under the ...

An AWS misconfiguration in its code building service could have led to a massive number of compromised key AWS GitHub code repositories and applications, say researchers at Wiz who discovered the ...

Between 11:49 PM PDT on October 19 and 2:24 AM PDT on October 20, AWS experienced increased error rates for AWS services in the US-EAST-1 Region, which also impacted ...

Rolldown is either erroring or tree-shaking away parts of the AWS JavaScript SDK v3. I think it's something to do with dynamic imports but I haven't had a chance to dive much deeper! Here's a minimal ...