The botnet began in early 2025, targeting software developers across the open-source supply chain.
Related Articles
All CyberSecurityDive →SonicWall investigating possible zero-day related to firewall attacks
SonicWall said Monday that it is investigating whether a recent surge in attacks targeting its Gen 7 firewalls is related to a possible zero-day vulnerability…
Enterprises beef up cybersecurity plans to mitigate AI risks
Dive Brief: Enterprises are working to address AI’s risks as adoption increases, according to a report published this week by insurance and risk management services…
Trump’s cyber nominees gain broad industry support
Listen to the article 4 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: Two coalitions of cybersecurity companies,…
Supply chain attack against GitHub Action triggers massive exposure of secrets
Security researchers are warning of a supply chain attack against tj-actions/changed-files GitHub Action, which is used in more than 23,000 repositories. A malicious commit was…
React urges new patch upgrades after security researchers flag additional flaws
React on Thursday warned that customers will need to apply new upgrades amid the React2Shell crisis, after researchers discovered additional vulnerabilities, including a denial of…
Fewer ransomware attacks encrypting data, new report finds
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: Only half of ransomware attacks…

