Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...
Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...
Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
Supported Releases: These releases have been certified by Bloomberg’s Enterprise Products team for use by Bloomberg customers. Experimental Releases: These releases have not yet been certified for use ...
Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
Are you a subscriber to Anthropic's Claude Pro ($20 monthly) or Max ($100-$200 monthly) plans and use its Claude AI models and products to power third-party AI agents like OpenClaw? If so, you're in ...
Claude subscriptions will no longer cover third-party access from tools like OpenClaw starting Saturday, April 4th. Claude subscriptions will no longer cover third-party access from tools like ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results