News

The Hacker News1d

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishing …

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
InfoWorld9mon

3 takeaways from the Ultralytics AI Python library hack

The Ultralytics AI library hack points to critical vulnerabilities in the Python ecosystem—but not where you might think. Here's what developers need to know.
InfoWorld9mon

The Python AI library hack that didn’t hack Python

There are some critical takeaways from the Ultralytics AI Python library hack, but they're not the ones you might expect. Also, 10 tips for making Python faster and a look at uv—the all-in-one Python ...