Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.

Volunteers are supporting members of the military stationed abroad by assembling care packages to be sent to service members. Many troops stationed abroad may not get mail from back home, and ...

Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing ...

The post Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign appeared first on Tenable Blog. A self-propagating worm has compromised more than 170 npm and ...

Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft package being among the latest target of worm-like malware that steals ...

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that compromised LiteLLM, a widely used open-source Python ...

Start by thinking about the dilemmas your people will face. by Erin Meyer At the beginning of my career, I worked for the health-care-software specialist HBOC. One day, a woman from human resources ...