The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.
The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
Poynter

Fighting the Infodemic: The #CoronaVirusFacts Alliance

Led by the International Fact-Checking Network (IFCN) at the Poynter Institute, the #CoronaVirusFacts united more than 100 fact checkers around the world in publishing, sharing, and translating facts ...
Chicago Tribune

Chicago Bears

Here's what to know about the Chicago Bears' possible move from Soldier Field.