[SECURITY]■ STORY TIMELINE

MALWARE IN NPM PACKAGES TARGETS CLOUD CREDENTIALS

Researchers discovered malicious packages in the @redhat-cloud-services npm namespace that harvest credentials for GitHub Actions, AWS, GCP, Azure, and other cloud platforms. The malware executes via preinstall hooks during npm installation.

4 SOURCESFIRST SEEN JUN 1, 06:30 PM► READ THE ARTICLE

Techmeme+0m

Researchers find packages in the @redhat-cloud-services npm namespace shipped malware that harvests credentials for GitHub Actions, AWS, GCP, Azure, and others (Rohan Prabhu/Step Security Blog)

Rohan Prabhu / Step Security Blog: Researchers find packages in the @redhat-cloud-services npm namespace shipped malware…

Techmeme+6h 45m

GitHub Copilot's new pricing model went into effect today, and many noted sticker shock with some saying a few hours of AI usage ate big chunks of monthly caps (Kyle Orland/Ars Technica)

Kyle Orland / Ars Technica: GitHub Copilot's new pricing model went into effect today, and many noted sticker shock with…

Techmeme+23h 50m

GitHub unveils a GitHub Copilot desktop app in technical preview, which introduces a new feature called canvases for bidirectional work between users and agents (Mario Rodriguez/The GitHub Blog)

Mario Rodriguez / The GitHub Blog: GitHub unveils a GitHub Copilot desktop app in technical preview, which introduces a…

Techmeme+2d 17h

Q&A with Satya Nadella on Microsoft's competitive position, MAI models, OpenAI, the software business, GitHub Copilot, Project Solara, data centers, and more (Ben Thompson/Stratechery)

Ben Thompson / Stratechery: Q&A with Satya Nadella on Microsoft's competitive position, MAI models, OpenAI, the software…

◄ BACK TO ARTICLE