Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the ...
Dark Reading

Rust-Written IronWorm Hits NPM Supply Chain

A newly discovered malware campaign targeting the open source software ecosystem underscores how rapidly supply chain threats are evolving. The campaign, which JFrog has dubbed "IronWorm," targets ...

Amazon BedrockでOpenAI GPT-5.5、GPT-5.4、Codexが一般提供開始

Amazonは6月1日(現地時間)、Amazon Bedrock上でOpenAIが提供するAIモデル「GPT-5.5」「GPT-5.4」および「Codex」の一般提供を開始した。 モデル利用はAmazon Bedrockの高性能な推論エンジンを介して ...
Meduza

Russia’s federal censor denies blocking Python’s package index as developers scramble ...

On Monday, Russian users found they could no longer reach PyPI, the package repository that Python developers rely on for ...