SecurityWeek

640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack

Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
CSO Online

Security researchers caution app developers about risks in using Google Antigravity

The tool for creating agents has vulnerabilities, say experts; Google says it will post known issues publicly as it works to ...
CSO Online

New ClickFix attacks use fake Windows Update screens to fool employees

The first step defenders should take is to stop the ability of this malware to run, says the report. “The most effective way ...

NPM supply-chain attack compromises major ENS and crypto libraries

A researcher reported that more than 400 NPM libraries, including a cluster of ENS-linked crypto packages, were breached by ...
How-To Geek on MSN

NPM packages are infected with malware, again

Shai Hulud v2 infected 500+ npm packages (700+ versions) and spilled into Java/Maven — yikes. Compromised packages run a ...

Go Green with VS Code for Quicker AI Tools & Safer Model Control

Get better AI workflows now, including agent mode for refactors. The green build supports OpenAI-compatible endpoints and local servers.