The Hacker News

Shai-Hulud v2 Spreads From npm to Maven, as Campaign Exposes Thousands of Secrets

"As a new and significantly more aggressive wave of npm supply chain malware, Shai-Hulud 2 combines stealthy execution, ...
SecurityWeek

640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack

Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
CSO Online

Contagious Interview attackers go ‘full stack’ to fool developers

The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a development and delivery pipeline to drop malware.
DataBreachToday

Breach Roundup: Recently Patched Oracle Flaw Under Attack

This week, a recently fixed Oracle flaw is being actively exploited, Shelly tackled Pro 4PM DoS bug, "Shai-Hulud 2.0" hit npm ...
Security Boulevard

The Latest Shai-Hulud Malware is Faster and More Dangerous

A new iteration of the Shai-Hulud malware that ran through npm repositories in September is faster, more dangerous, and more destructive, creating huge numbers of malicious repositories, compromised ...

A weekend ‘vibe code’ hack by Andrej Karpathy quietly sketches the missing layer of enterprise AI orchestration

Andrej Karpathy’s weekend “vibe code” LLM Council project shows how a simple multi‑model AI hack can become a blueprint for ...
MUO on MSN

I never expected an open-source app to beat IFTTT and Zapier — but this one did

I If you used IFTTT or Zapier, you're familiar with the trigger-and-action structure. Huginn's implementation is different: ...

FileRise 2.0: Web File Manager with Client Portals

The free web file manager FileRise has been released in version 2.0. New features include customizable client portals with ...