News

SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...

New software tool aims to democratize access to space camera development

A powerful software tool capable of accurately modeling how cameras capture light could help democratize the development of ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Infosecurity Magazine

Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
CSO Online

Warning: Hackers have inserted credential-stealing code into some npm libraries

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel ...
Visual Studio Magazine

GitHub Tops AI Coding Assistants Report, with Microsoft-Related 'Cautions'

Gartner's new Magic Quadrant for AI Code Assistants report shows GitHub Copilot leading the market while forecasting ...

Google launches AP2 Protocol for secure AI agent payments

AP2 provides a universal, secure protocol for a variety of payments, including cryptocurrencies and stablecoins. In ...
Computer Weekly

Google Cloud unveils open protocol for agentic payments

Google’s Agent Payments Protocol is an open standard developed with over 60 global partners to create a secure standard for ...

With Vibe Coding AI tools generating more code than ever before, enterprises need quality assurance tools to make sure it all works - here's how to evaluate and choos…

CodeRabbit's $60M funding highlights enterprise need for AI code review platforms, with organizations seeing 25% efficiency ...

Google's new Agent Payments Protocol (AP2) allows AI agents to complete purchases — is your enterprise ready?

Agent Payment Protocol, a new open source standard from Google and 60 other payment players, aims to make transactions made ...