Researchers have uncovered a new Shai-Hulud malware variant targeting Red Hat-related npm packages, spreading through ...

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...

Security researchers found malicious code buried inside more than 30 of Red Hat's official software packages, built to ...

Compromised npm packages targeted Red Hat cloud services, enabling credential theft and expanding supply chain risks.

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, ...

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...

Sometime in late May 2026, a poisoned update slipped into the @antv family of JavaScript visualization libraries, the ...

India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack ...

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...

KUALA LUMPUR, Malaysia (AP) — Malaysia ’s maritime agency says Iranian-linked tankers are exploiting “jurisdictional gaps” to conduct ship-to-ship transfers of sanctioned oil near its waters, ...