🚨 Overnight on Aug. 26 in just over four hours, unidentified attackers compromised more than 1,000 Javascript developers, stealing their GitHub tokens, npm tokens, SSH keys, application secrets, and cryptocurrency wallet files.
They pulled that off by infecting a widely popular build system called "Nx" and by infusing their supply chain malware with artificial intelligence (AI)-powered intel-gathering capabilities.
https://www.darkreading.com/cyberattacks-data-breaches/1000-devs-lose-secrets-ai-powered-stealer
