News

CSO Online

Warning: Hackers have inserted credential-stealing code into some npm libraries

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

The malicious JavaScript code ("bundle.js") injected into each of the trojanized package is designed to download and run ...

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...

Google's new Agent Payments Protocol (AP2) allows AI agents to complete purchases — is your enterprise ready?

Agent Payment Protocol, a new open source standard from Google and 60 other payment players, aims to make transactions made ...

Entering the Era of Intelligent Autonomy with Trillion-Level Market Potential: AI Agents Welcome the Year of Commercialization in 2025

As a new generation of intelligent agents with autonomous perception, decision-making, and execution capabilities, AI Agents ...

Microsoft turns to Anthropic's AI for Visual Studio Code, raising eyebrows about OpenAI ties

Microsoft is signaling a shift in its AI priorities, favoring Anthropic's Claude Sonnet 4 over OpenAI's GPT-5 models in its flagship developer tool, Visual Studio Code.

Entering the Era of Intelligent Autonomy with Trillion-Level Market Potential: AI Agents Welcome the Commercialization Year of 2025

As a new generation of intelligent agents with autonomous perception, decision-making, and execution capabilities, AI Agents ...
Cyber Daily

Kull wahad! Shai Halud worm infects more than a hundred NPM code packages

Malware capable of devouring data in “smash-and-grab” style attacks also compromised several CrowdStrike code packages before ...