The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

Google reveals another exploit chain affecting outdated iPhones

Google has detailed a similar attack to Coruba, called DarkSword, which is actively being used in several countries. Here are ...
Bleeping Computer

Google Cloud Build bug lets hackers launch supply chain attacks

"However, Google's fix doesn't revoke the discovered Privilege Escalation (PE) vector. It only limits it - turning it into a design flaw that still leaves organizations vulnerable to the larger supply ...