The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.

Tech-forward approach puts humans first

It is a central philosophy of “tech-forward with humans in the lead.” “A term sometimes used when working with AI is ‘Human ...

Ontario universities urged to co-ordinate AI approach

Postsecondary council recommends joint action on AI in research, workforce preparation and building digital sovereignty ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

Microsoft Threat Intelligence has uncovered an active supply chain attack involving malicious npm packages registered under organizational scopes that mirror real internal corporate namespaces, ...