Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...

Best VPN NordVPN Review Does NordVPN Work in China in 2026: Yes, Here’s How to Use It Does NordVPN work in China in May 2026? Yes, you can use NordVPN in China, and it works, but it’s not a ...

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...

If a website tells you to manually install a “Windows update” from a big blue download button, close that tab immediately. Malwarebytes has just spotted a fake Microsoft support website ...

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...