Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

Supported Releases: These releases have been certified by Bloomberg’s Enterprise Products team for use by Bloomberg customers. Experimental Releases: These releases have not yet been certified for use ...

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

Anthropic is experiencing elevated error rates across its Claude chatbot, its application programming interface and Claude Code, according to the company's status ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

SAP SE SAP SE engages in the provision of enterprise application software and software-related services. It operates through the following segments: Applications, Technology, and Support; Qualtrics; ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

I have zero coding skills, but I was able to quickly assemble camera feeds from around the world into a single view. Here's how I did it—and what it means for all of us. I'm the Executive Editor, ...