The Hacker News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.
InfoWorld

Taming the generative AI back end

Writing code that interacts with LLM services requires bridging two different worlds. Use these tips and techniques to bind ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Joc Pederson homer caps 8-run 1st as Rangers beat Astros 10-7 a night after Houston’s no-hitter

Joc Pederson hit a three-run homer to cap an eight-run first inning in Texas’ 10-7 win over the Astros on Tuesday night, a ...
GitHub

macOS tool to easily identify and get rid of big, unused files and folders in seconds.

Automatic cleaners only know about a fixed set of cache folders, and the decisions they make are limited to what they were preprogrammed for. ApexDisk finds and surfaces everything else they skip: ...