The npm blog archive reports on a malicious module named getcookies that masqueraded as a cookie-parsing library but contained a backdoor, leading to the unpublishing of three packages and three versions of a fourth package from the npm Registry.
SIMILAR TOOLS
A cybersecurity blog from Microsoft, featuring articles and guides on various security topics, including AI, threat intelligence, cloud security, and incident response.
CPO Magazine is a cybersecurity news and information website providing articles, news, and insights on cybersecurity, privacy, and technology.
A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.
Graham Cluley offers expert cybersecurity insights and commentary through various media including podcasts and speaking engagements.
InfoRisk Today is a key resource for news and insights on information risk management and cybersecurity education.
A general cybersecurity news site providing discussions and news on various cybersecurity topics.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
F-Secure Blog provides in-depth articles and research on cybersecurity threats and best practices.
Brian Krebs is a cybersecurity journalist and blogger, known for his in-depth reporting on cybercrime and cybersecurity issues.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.