The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

NCAA bans 2 former Fordham basketball players for their roles in point-shaving scheme

Two former Fordham basketball players have been permanently banned by the NCAA for their roles in a point-shaving scheme that ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
Nigerian CommunicationWeek

Firm Reveals a 37% Increase in Malicious Packages Compromising Software Supply Chains

Kindly share this postAccording to Kaspersky telemetry, almost 19,500 malicious packages were found in open-source projects ...