6mile.githax.com
Software Supply Chain Red Team. SourceCodeRED & SecureStack founder, dad, startup OG, snowboarder and hacker. Workin on GitHax tool in my spare time. github.com/6mile @eastsidemccarty from the bird site.

You can't make this shit up! The NIST NVD database has been down all day, so no one can look up CVEs via NVD. @shodanhq.bsky.social reports that one of the two ec2 instances serving up the NVD website reports a "402 Payment Required". Did DOGE dipshits break our national vulnerability database?!

New infostealer targets Exodus crypto wallets. The author wrote this malware in a little-known language to evade detection. Read my write-up here: sourcecodered.com/npm-package-...

I wrote a post about the 3 most common myths I run into when talking to developers or infosec teams about malicious packages. Devs aren't familiar with malicious packages & security teams assume that existing security tools will find malware (spoiler: they don't). sourcecodered.com/three-myths-...

I've identified an NPM package named "arcus-cmd-utils" that deploys a Chrome-based infostealer to infected computers. You can read my blog post complete with technical details and IOCs. @npmjs.bsky.social @github.com #softwaresupplychain #devsecops sourcecodered.com/malicious-ar...

My blog post is top spot on Hackernews! Woot! @hackernewsbot.bsky.social #softwaresupplychain

Quickest turnaround in MONTHS from NPM as they've taken down the marked-cs and marked-ps malicious packages in less than a day! Woot! @npmjs.bsky.social #softwaresupplychain #npm

Two malicious packages were published to the NPM registry named "marked-cs" & "marked-ps". They take advantage of naming inconsistencies in the popular marked-js library & deploy modified gh0strat implants when you install the malicious packages. @npmjs.bsky.social sourcecodered.com/npm-packages...

Guess who's gonna be presenting at the @first.org CTI conference on April 23rd in Berlin? That's right, me! Woot! We will discuss how enterprise organisations can add #softwaresupplychain #threatintel to their existing #CTI and #threathunting workflows. www.first.org/conference/f...

Spotted

Did a security researcher at Snyk really just publish malicious packages to NPM targeting Cursor.com?

If you are using crypto/web3 libraries be aware that many npm packages that claim to be a part of @solana.com or @walletconnect.bsky.social ecosystems are malicious. For example, the solanacore, walletcore-gen and solana-login @npmjs.bsky.social packages drop infostealers on hosts and exfil data.

Happy holidays from #badsanta!

Attackers compromised the popular rspack/core & rspack/cli NPM packages owned by @bytedance.bsky.social. The attackers published version 1.1.7 for both packages, which deployed the xmrig crypto miner & sent all tokens to the IP 80[.]78.28.72. These packages are downloaded thousands of times a week.

Major Announcement Regarding the HOPE Conference: Effective immediately, HOPE will happen EVERY summer, not every two years. HOPE_16 will be August 15-17, 2025! www.2600.com/content/majo...

BREAKING NEWS! Six packages were just published to the NPM registry, delivering a new MacOS malware. Do not install these packages! #softwaresupplychain #malware @npmjs.bsky.social

Shodan is down!

Do you know what's behind your @gitlab.com /explore endpoint? cycode.com/blog/ai-powe...

Ouch.

A @npmjs.bsky.social package named discord-json-scaller was published on 12/7 & removed on 12/12. It contained an elegant Discord injection attack written by the same author of hackirby/skuld. It intercepts login, registration & 2FA requests, email & password changes, credit card payments & more.

Woot! My first three CFP/CFT submissions for 2025 have come back accepted! Stoked!

Is there a special @hacker0x01.bsky.social badge for this?

Big shout out to @sydseter.com and their starter pack posts. Makes moving to @bsky.app much easier. Cheers mate!

2025 is almost upon us, so I updated the APAC Cyber Conferences @github.com repo at github.com/Infosec-Comm...

#Ultralytics has been compromised again tonight. This is the second time in two days that bad guys have leveraged a nifty shell injection bug in Actions. Maybe it's time to stop using this library. I mean, fool me once, shame on you. Fool me twice, shame on me, right?

I identified a software supply chain attack today affecting the @solana.com web3.js NPM package. One of the project collaborators' creds (to NPM?) were compromised which allowed the threat actors to deploy two malicious versions to NPM: 1.95.6 and 1.95.7. The bad guys added a function that ....

My first post on the Bluesky newness. I'm @eastsidemccarty on the bird site so let's make this place better than that shit show.