Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...

Preview this article 1 min A Delray Beach beauty platform is making another acquisition as it builds out its brand portfolio ...

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Genentech, a member of the Roche Group (SIX: RO, ROP; OTCQX: RHHBY), announced today that it will showcase key real-world, product and pipeline data from its ophthalmology portfolio at the Association ...

Oregon Court of Appeals sanctions attorney $8,000 for AI-generated fabrications in legal brief, marking first such penalty in ...

Among U.S. President Donald Trump’s first actions after returning to office in January 2025 was imposing new tariffs on Canada, China, and Mexico, which he accused of sending fentanyl to the United ...

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.