Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Asentum , a next-generation Layer-1 blockchain built from the ground up with post-quantum security, today announced the ...
NEW YORK, May 13, 2026 (GLOBE NEWSWIRE) -- 21shares, one of the world’s largest issuers of cryptocurrency exchange traded products (ETPs), today announced the following shareholder distribution for th ...
Bitget, the world’s largest Universal Exchange (UEX), announced the addition of KAIO (KAIO) to Bitget Launchpool and spot market. Spot trading for ...
Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
A fake repo impersonating the OpenAI Privacy Filter model racked up 244,000 downloads in under 18 hours before Hugging Face ...
Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...
Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.
Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results