The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Second Thomas Dambo troll installation coming to Southeast Wisconsin

Preview this article 1 min The large wooden troll sculptures by the Danish artist are viewed as a tourism draw. Thursday, May ...

After a year of revisions and six meetings, German Village project goes up for a vote

A developer will finally see if a multifamily project can be built in German Village after a year-long process.

Mysterious block of ice appears in seaside town

A large block of ice that mysteriously appeared in a seaside town has led to speculation online about what it is. Bournemouth ...
InfoWorld

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
La Crosse Tribune

Hwy. 16 lane closures expected for La Crosse water pipe installation

La Crosse is preparing to install 2.2 miles of water piping along Highway 16, pending approval from the state Public Service ...
Cryptopolitan on MSN

Hacker target the OpenVSX ecosystem to steal crypto wallets

GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
The Caledonian-Record

Port Houston Awarded $48 million MARAD Grant for Bayport Terminal Expansion and Enhancements

Port Houston has been awarded a $48 million federal grant to support the construction of a new container yard and the ...

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...

Fire crews thaw rapper Drake’s giant ice installation in Toronto

Officials say the frozen blocks are being melted due to "dangerous and unsafe activities" after they were set up to promote ...
Dark Reading

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...