Tags → #security

• Hungry Git: A Quick Guide to Hacking Orgs and Bots

  27 Oct 2024

  Recently more and more people are talking about how insecure GitHub is. This article will show you how to exploit GitHub organizations and bots to get what you want.

• Rust in Peace: How to Hijack Node.js with a Single Require

  17 Aug 2024

  Discover how to exploit the Node.js ecosystem with Rust-based supply chain malware. Learn about the vulnerabilities in npm packages and how a single require line can compromise JavaScript projects. Explore security measures to prevent such attacks.

• Rusty Pipes

  16 Jul 2024

  An npm supply chain exploit that checks for what packages you contribute to then injects a malicious rust binary into the next release.