Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

Apple shares iPhone and Mac post-quantum cryptography code on GitHub

Apple today published new corecrypto source code on GitHub, alongside a detailed technical post explaining the intricate work behind its post-quantum cryptography efforts.
Microsoft

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...
Investopedia

Understanding Tor: Anonymous Browsing, Usage, and Legal Aspects

Investopedia contributors come from a range of backgrounds, and over 25 years there have been thousands of expert writers and editors who have contributed. Dr. JeFreda R. Brown is a financial ...
Microsoft

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...
The New York Times

4 Easy Ways to Make Sure No One Can Read Your Text Messages

We independently review everything we recommend. When you buy through our links, we may earn a commission. Learn more› By Max Eddy Max Eddy is a writer who has covered privacy and security — including ...