SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...
腾讯网

Trivy供应链攻击引发CanisterWorm蠕虫病毒传播至47个npm包

针对流行扫描工具Trivy的供应链攻击背后的威胁行为者,被怀疑正在进行后续攻击,导致大量npm包遭到破坏,其中包含一个此前未被记录的自传播蠕虫病毒,名为CanisterWorm。 该名称源于恶意软件使用ICP容器作为死信箱解析器的特点。ICP容器是指Internet Computer区块链上的防篡改智能合约。这一发展标志着首次公开记录的滥用ICP容器来获取命令控制服务器的案例,Aikido Sec ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...
腾讯网

Claude Code 命令体系解析:三种类型、七大分类、50+ 命令

点击上方“Deephub Imba”,关注公众号,好文章不错过 !Claude Code 内置了超过 50 个命令,但是大多数开发者只用了其中 3 到 5 个,剩下的基本没人翻过。这篇文章覆盖每一个斜杠命令、每一个 CLI ...