Back to article
news.risky.biz

Risky Bulletin: RubyGems adds dependency cooldowns to counter supply chain attacks (opens in new tab)

Covers 26 stories See all stories this covers including 1-Click GitHub Token Stealing via a VSCode Bug

Covers 26 related stories

blog.ammaraskar.com·

1-Click GitHub Token Stealing via a VSCode Bug

Feeds
radar.cloudflare.com·

Bots have now passed human traffic online for the first time

Discussed on Hacker News
Feeds
blog.rubygems.org·

Cool down before you install: give new gems a few days to be vetted

Discussed on Hacker News
Feeds
stepsecurity.io·

Miasma Worm Hits Microsoft Again: Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack Targeting AI Coding Agents

Discussed on Hacker News
Feeds
blog.includesecurity.com·

The smart TV in your living room is a node in the AI scraping economy

Feeds
stepsecurity.io·

Miasma NPM Supply Chain Attack: Self-Spreading Worm via Phantom Gyp

Discussed on Hacker News
Feeds
blog.yossarian.net·

We should all be using dependency cooldowns

Feeds
chromereleases.googleblog.com·

Stable Channel Update for Desktop

Discussed on Blogger
Feeds
chromereleases.googleblog.com·

Stable Channel Update for Desktop

Discussed on Blogger
Feeds
Socket·

Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave

Feeds

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help