Yearlong Supply-Chain Attack Targeting Security Pros Steals 390,000 Credentials
An anonymous reader quotes a report from Ars Technica: A sophisticated and ongoing supply-chain attack operating for the past year has been stealing sensitive login credentials from both malicious and benevolent security personnel by infecting them with Trojanized versions of open source software from GitHub and NPM, re … ⌘ Read more