The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

KDE Linux is the purest form of Plasma I've used in months - but there's a catch

KDE Linux is the purest form of Plasma I've used in months - but there's a catch ...
CNX Software

Ubuntu 26.04 LTS “Resolute Raccoon” released with Linux 7.0

Canonical has just announced the release of Ubuntu 26.04 LTS “Resolute Raccoon” Linux distribution about two years after ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

Another npm supply chain worm is tearing through dev environments

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...
Infosecurity Magazine

Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation

Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across ...

OpenAI updates Agents SDK to improve agent safety and capability for enterprises

OpenAI’s updated Agents SDK adds sandboxing, configurable memory, and file/tool workflows for safer, stronger enterprise ...
YourStory

OpenAI Agents SDK update brings production-ready AI tools

OpenAI Agents SDK update adds sandbox execution and a new harness to help developers build reliable, production-ready AI ...