Tag: Joe Saunders
CISA directs agencies to purge end‑of‑support devices
February 12, 2026Ken Showers, Managing Editor
WASHINGTON — The Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive that requires federal agencies inventory, remove, and replace unsupported edge devices as the U.S. Department of Homeland Security tries to address growing threats targeting public and private infrastructure.
Titled, “Mitigating Risk From End-of-Support Edge Devices,” the directive applies to devices considered “Federal...
Shai-Hulud 2.0 demonstrates the danger of open source, expert says
December 12, 2025Ken Showers, Managing Editor
YARMOUTH, Maine — Developers are picking up the pieces after the catastrophic release of the Shai-Hulud 2.0 malware worm in the Node Package Manager (NPM) registry.
The worm infected thousands of repositories, exposing up to 400,000 developer secrets and wiping victims’ home directories. Its primary goal was to steal sensitive credentials, including GitHub Personal Access Tokens (PATs) and API keys for major cloud platforms like AWS, Google Cloud and Microsoft Azure.
Microsoft,...