Bleeping Computer

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys. The attack was discovered by ...
Bleeping Computer

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked. According to a post-incident ...
GitHub

npm debug, color-convert, backslash, error-ex, simple-swizzle, is-arrayish, color-name, color-string have incorrect wildcard version in their malware advisory (2025-09-08)

color-convert 3.1.1 https://github.com/Qix-/color-convert/issues/121 GHSA-ch7m-m9rf-8gvv backslash 0.2.1 https://github.com/Qix-/node-backslash/issues/5 GHSA-m2xf ...
GitHub

Awinic AW21036 Arduino Library

This library provides an interface for the AW21036 8-bit 36-LED driver from AWINIC. It supports almost all features of the AW21036, except for the pattern controller. Include the library and needed ...
Hackaday

FLOSS Weekly Episode 848: Open The Podbay Doors, Siri

This week Jonathan and Rob chat with Paulus Schoutsen about Home Assistant, ESPHome, and Music Assistant, all under the umbrella of the Open Home Foundation. Watch to see Paulus convince Rob and ...