1
Supply chain attack alert: .github/setup.js
大规模供应链攻击通过Claude、Gemini、Cursor等AI工具hooks注入恶意脚本,在GitHub PR中伪装提交扩散,威胁整个组织!
Our org GitHub just got compromised massively by a supply-chain attack. Vectors are * Claude hooks * Gemini hooks * Cursor setup * VScode tasks It add…