DataBreachToday

Codex Bug Let Repo Files Execute Hidden Commands

OpenAI patched a command injection flaw in its Codex CLI tool that let attackers run arbitrary commands on developer machines ...

Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM ...