Roku said it canceled unauthorized subscriptions and refunded more than 15,000 accounts after discovering what it called “suspicious activity.” The streaming TV giant — which reported $3.4 billion in revenue last year — said that from the end of December to the end of February, hackers used username and password combinations breached from other services […]
Dec 05, 2023, Newsroom, Software Security / Supply Chain: New research has found that over 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. “More than 9,000 repositories are vulnerable to repojacking due to GitHub username changes,” Jacob Baines, chief technology officer at VulnCheck, said in a report shared with The Hacker News. […]
The repository has already amassed over 15,000 reports of malicious packages, drawing data from various sources, including the OpenSSF Package Analysis project, Checkmarx security, and exports of malicious packages tracked by GitHub. In a bid to counter the increasing threat of malicious open source packages, the Open Source Security Foundation (OpenSSF) has introduced a new […]