Socket has launched a Threat Intel page that tracks ongoing supply chain attack campaigns affecting open-source packages. The new feature helps teams quickly determine if they are impacted by these coordinated attacks and provides context for affected packages.

Silent smishing exploits vulnerable cellular router APIs to conduct phishing attacks via SMS, allowing attackers to access sensitive information without authentication. The article discusses various attack methods, including the impersonation of legitimate organizations, and emphasizes the need for vigilance against such threats.