In March, JFrog Security Research documented a malware campaign titled GhostClaw/GhostLoader. Since the original documentation of this campaign, Jamf Threat Labs examined multiple GitHub repositories ...

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...

GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine ...

The GlassWorm malware made news when it pivoted from exclusively targeting Windows users to also targeting Mac OS users in January, and in the time since, the malware campaign has spread across at ...

A large-scale GlassWorm malware campaign targeting developer platforms appears to be significantly more extensive and sophisticated than previously ...

A massive, self-replicating GlassWorm supply-chain attack has compromised hundreds of code repositories and extensions on ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Learn how to automate your Git workflow and environment variables into a single, error-proof command that handles the boring ...

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.