The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...

The never-ending supply chain attacks worm into SAP npm packages, other dev tools

Attackers infected all versions with the same credential-stealing malware that, on Wednesday, poisoned multiple npm packages ...
SecurityWeek

SAP NPM Packages Targeted in Supply Chain Attack

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...
Dark Reading

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...

Alberta separatist group ordered to pull down list of voters following court injunction

Separatist campaign has access to personal information of 2.9 million residents that resembles province’s recent list of ...
Nigeria Communications Week on MSN

Firm Reveals a 37% Increase in Malicious Packages Compromising Software Supply Chains

According to Kaspersky telemetry, almost 19,500 malicious packages were found in open-source projects by the end of 2025, representing a 37% increase compared to the end of 2024.Modern software ...