Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

The wave of supply chain attacks aimed at security and developer tools has washed up more victims, namely SAP and Intercom ...

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...

Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...

Malicious code inserted into four SAP-related npm packages exposed developer workstations and automated build systems to credential theft, marking a sharp escalation in attacks against open-source ...

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

应用程序开发者近日收到警告：恶意版本的pgserve（一款用于应用开发的嵌入式PostgreSQL服务器）和automagik（一款AI编程工具）已被上传至npm JavaScript注册表，可能危害开发者的计算机安全。

币界网消息，知名风投a16z昨日在社交平台发布图表，称OpenAI的Codex单周安装量飙升至8610万次，以10倍优势「碾压」Anthropic的Claude Code。Claude Code负责人Boris ...