Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
TechRadar

Amazon is making even senior engineers get code signed off following multiple recent outages

Amazon and AWS have had a few high-profile incidents recently, caused by dodgy code Mandatory meeting responded to "Gen-AI assisted changes" Senior human oversight now required for code changes Amazon ...