Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were ...

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...

Charles Guillemet, Chief Technology Officer at Ledger, emphasized the gravity of the situation, stating, "There’s a large-scale supply chain attack in progress: the NPM account of a reputable ...

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

Earlier this week, the Npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals ...

This week, Google launched a free API service that provides software developers with dependency data and security-related information on over 5 million software components across different programming ...

Google Cloud wants to help improve the security of the most widely used open-source software, and to do so it’s making its Assured Open Source Software service generally available for Java and Python ...

Oracle is releasing Java 25, the latest version of the world's number one programming language and development platform, helping organizations drive business growth by delivering thousands of ...

Oracle unveils Java 25 with beginner-friendly features and eight years of enterprise support, reinforcing its role in ...