Red Hat hit by npm supply‑chain attack - here's how to stay safe ...

When OpenAI engineers discovered that a poisoned update to a widely used JavaScript library had executed on two corporate ...

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...

A Rust infostealer called IronWorm hid in 36 npm packages from the Arweave ecosystem. The malware self-replicated and then pushed backdated malicious commits across nine organizations. Developers who ...

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

Austria and Portugal have won seats on the UN Security Council, ending Germany's 40-year streak. DW examines the foreign policy questions raised by Berlin's defeat. Wednesday's decision in New York ...

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. The malware targets 86 environment variables (key-value pairs) and ...

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

The Anbernic RG Rotate is a handheld game console with mediocre specs that should be good enough for retro gaming, but which may struggle with some newer games. But it’s still an interesting little ...