SecurityWeek

Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist

Shai-Hulud 2.0 infected over 12,000 systems and exposed Trust Wallet keys that were used to steal $8.5 million from 2,520 ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Many enterprises use GitHub Action Secrets to store and protect sensitive information such as credentials, API keys, and tokens used in CI/CD workflows. These private repositories are widely assumed ...

Trust Wallet Goes Dark on Chrome – $7M Hack Victims Left Waiting for Claims Tool

Trust Wallet users affected by a recent browser extension hack are facing fresh delays after the wallet provider confirmed ...
The Hacker News

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Trust Wallet confirmed a supply chain attack let hackers push a malicious Chrome extension update, draining $8.5 million from ...
Dark Reading

Dark Reading Confidential: Stop Secrets Creep Across Developer Platforms

Dark Reading Confidential Episode 13: Developers are exposing their organizations' most sensitive information; our guests ...
The Hacker News

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...
TechJuice

Trust Wallet Chrome Extension Compromised in Supply Chain Hack

Trust Wallet confirms a “malicious update” compromised its Chrome extension, exposing users to crypto theft in a browser ...

Amazon's secret GitHub data grab

There's a rush to amass as much data as possible to train AI models. Amazon is trying to scrape Microsoft's Github for some of the data it needs.

The biggest cybersecurity and cyberattack stories of 2025

Some stories, though, were more impactful or popular with our readers than others. This article explores 15 of the biggest ...