Software Security

“Cheapest Cursor API” Hides Backdoor: macOS Developers Targeted in Supply Chain Attack Cursor malware

Cursor malware

“Cheapest Cursor API” Hides Backdoor: macOS Developers Targeted in Supply Chain Attack

Do Son May 13, 2025

Researchers at Socket have uncovered a new attack targeting the macOS version of the popular source code...

AI Code Generation Flaw: “Package Hallucination” Threatens Software Supply Chains AI code security

AI code security

AI Code Generation Flaw: “Package Hallucination” Threatens Software Supply Chains

Do Son May 3, 2025

AI can generate code—but not always safely. A new study, set to be presented at the 2025...

Counterfeit npm Libraries Used in Sophisticated Supply Chain Attack bot-apt

bot-apt

Counterfeit npm Libraries Used in Sophisticated Supply Chain Attack

Do Son April 22, 2025

Experts at Socket have uncovered a new software supply chain attack involving counterfeit npm libraries masquerading as...

AI Hallucinations Lead to “Slopsquatting” Malware Threat pac

pac

AI Hallucinations Lead to “Slopsquatting” Malware Threat

Do Son April 13, 2025

The era of AI-powered code generation tools has not only simplified the lives of developers but also...

Malicious npm Package Hijacks Cryptocurrency Wallets in Supply Chain Attack List of TH policies in package

List of TH policies in package

Malicious npm Package Hijacks Cryptocurrency Wallets in Supply Chain Attack

Do Son April 12, 2025

Software supply chain attacks are becoming increasingly sophisticated, with malicious actors disguising harmful code as legitimate libraries...