资讯

Dynatrace Joins GitHub Model Context Protocol (MCP) Registry to Accelerate AI-Powered ...

Dynatrace (NYSE: DT), the leading AI-powered observability platform, today announced its participation in the launch of the ...
Security Boulevard

Shai-Hulud: A Persistent Secret Leaking Campaign

On September 15, a new supply chain attack was identified that targeted the @ctrl/tinycolor and 150 other NPM packages. The ...
CSO Online

Warning: Hackers have inserted credential-stealing code into some npm libraries

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

The malicious JavaScript code ("bundle.js") injected into each of the trojanized package is designed to download and run ...
SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...

Self-propagating worm fuels latest npm supply chain compromise

In a similar style to the Nx attack, the payload then publishes a new repo via the victim's GitHub account, dropping stolen ...

OpenAI rolls out GPT‑5 Codex: New coding abilities, availability, and who can use it

OpenAI has launched GPT-5 Codex, an AI model built for software development. It can write, debug, and review code, working ...
Cybernews

Hundreds of NPM packages compromised as ongoing supply chain attack snowballs out of control

Halud, is compromising hundreds of NPM packages, spreading self-replicating malware, exfiltrating data, and turning private ...

Microsoft favors Anthropic over OpenAI for Visual Studio Code

Microsoft is adding automatic AI model selection to its Visual Studio Code editor that will automatically pick the best model ...

Google's new Agent Payments Protocol (AP2) allows AI agents to complete purchases — is ...

Agent Payment Protocol, a new open source standard from Google and 60 other payment players, aims to make transactions made ...

The AI paradox: can AI and open source development co-exist?

On the surface, the philosophies of open source development and current AI development appear completely opposed. Open source ...