资讯

SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
Infosecurity Magazine

Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...
CSO Online

Warning: Hackers have inserted credential-stealing code into some npm libraries

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel ...

New software tool aims to democratize access to space camera development

A powerful software tool capable of accurately modeling how cameras capture light could help democratize the development of ...
Visual Studio Magazine

GitHub Tops AI Coding Assistants Report, with Microsoft-Related 'Cautions'

Gartner's new Magic Quadrant for AI Code Assistants report shows GitHub Copilot leading the market while forecasting ...

Google's new Agent Payments Protocol (AP2) allows AI agents to complete purchases — is ...

Agent Payment Protocol, a new open source standard from Google and 60 other payment players, aims to make transactions made ...
Computer Weekly

Google Cloud unveils open protocol for agentic payments

Google’s Agent Payments Protocol is an open standard developed with over 60 global partners to create a secure standard for ...

Computer vision startup Ultralytics raises $30M in funding

Ultralytics Inc., a developer of computer vision models, today announced that it has raised $30 million in funding. Elephant ...

Macroscope raises $30M to speed up software projects with AI

Macroscope provides an AI platform that focuses on two main use cases. The first is helping developers find and fix bugs in ...
Analytics Insight

10 Source Code Management Software to Use in 2025

Overview SCM tools track changes and prevent conflicts, making teamwork on shared projects efficient.Platforms like GitHub, ...