Richmond speaks up: Letters to the editor for the week of May. 1, 2026

Our weekly round-up of letters published in the Richmond Times-Dispatch. Although I disagree with some of Gov. Pillen's ...
SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...
TMCnet

MESCIUS USA, Inc. Releases Wijmo 2026 v1

MESCIUS USA Inc., a global provider of award-winning enterprise software development tools, is pleased to announce the Wijmo 2026 v1 release. The first major release of 2026 yields major accessibility ...
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...

Aikido Security Launches Endpoint Protection for Developer Devices as Software Supply Chain Attacks Hit Unprecedented Scale

GHENT, Belgium, April 20, 2026 (GLOBE NEWSWIRE) -- Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software supply chain attacks by ...
The Caledonian-Record

Bill Nye ‘The Science Guy’ Joins Arbor Day Foundation Podcast In Latest Episode

Iconic science educator Bill Nye joins the Arbor Day Foundation in the fourth episode of its new podcast, “Unearthing ...
TechCrunch

App downloads declined again in 2025, but consumer spending soared to nearly $156B

The subscription economy helped boost mobile app revenues in 2025, even as app downloads declined for the fifth consecutive year, according to app intelligence firm Appfigures‘ annual report. In 2025, ...
GameSpot

How To Download And Update Roblox

GameSpot may get a commission from retail offers. So you or your child wants to play Roblox? That’s great, but where do you begin? In fact, where do you find it in the first place? As the app is ...
TechSpot

Breach of npm threatens billions of weekly downloads in JavaScript ecosystem

What the Script: Supply chain attacks are traditionally designed to inflict maximum damage on structured organizations or companies. However, when such an attack compromises a supply chain that an ...
blockonomi

JavaScript Libraries with 2 Billion Weekly Downloads Targeted in Crypto Theft Attempt

18 popular NPM packages with over 2 billion weekly downloads were compromised through a phishing attack targeting developer “Qix” The malware functioned as a “crypto-clipper,” silently replacing ...
cryptonews

“Avoid On-Chain Transactions”: Ledger CTO Issues Urgent Warning After JavaScript Attack

A large-scale supply chain attack on the JavaScript ecosystem has prompted an urgent warning from Ledger’s chief technology officer, Charles Guillemet, who advised users without hardware wallets to ...
Bleeping Computer

NPM package ‘is’ with 2.8M weekly downloads infected devs with malware

The popular NPM package 'is' has been compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices. This occurred after maintainer accounts ...