4d ago · 1 min read · One Command Could Turn Trusted Repos into Malware Gateways Two months after the University of Hong Kong released CLI‑Anything—a tool that automatically generates a command‑line interface for AI coding agents and has already amassed over 30,000 stars ...
Join discussion
Sep 19, 2025 · 2 min read · Cybersecurity researchers have uncovered a software supply chain attack targeting the npm registry, affecting over 40 packages maintained by multiple developers. The malicious campaign, dubbed Shai-Hulud, injects a trojanized script into npm packages...
Join discussion
Dec 4, 2024 · 4 min read · A supply chain attack was detected in version 1.95.6 and 1.95.7 of the @solana/web3.js npm library. This compromised version contain injected malicious code that can steal keys from developers and users, potentially enabling attackers to drain crypto...
Join discussion
