Microsoft has mostly repaired flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet

EXCLUSIVE For the past 90 days, Microsoft has been quietly patching a firmware flaw in Surface devices that allowed the ...
GamingOnLinux

The Arch Linux AUR had over 400 packages compromised with malware

Looks like the Arch Linux AUR (Arch User Repository) needs some better security and package checks - as some malicious users ...
InfoWorld

GitHub finally pulls the plug on automatic install script execution for npm

The change, expected in July, will likely block one of the more common attack vectors; developers are wondering what took ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
GitHub

File Access Policy Daemon

This is a simple application whitelisting daemon for Linux. The current design for policy is that it is split up into units of rules that are designed to work together. They are copied into ...
GitHub

PyPI Mirror for Restricted/Offline Environments

Morgan is a PyPI mirror for restricted/offline networks/environments, where access to the Internet is not available. It allows creating small mirrors that can be used by multiple "client" Python ...