Node.js 26.3.0公開、macOSユニバーサルバイナリについて今後の配布は不 ...

今回のアップデートでは、AppleとそのエコシステムがIntelベースのアーキテクチャのサポートを段階的に終了する傾向を受け、Node.jsプロジェクトが今後もmacOS向けユニバーサルバイナリ(Apple ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline ...

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...

Red Hatの公式npmチャンネルを通じて数十個のパッケージにバックドアが仕込まれていたと判明

Red ...
The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
GitHub

modaic-ai/gepa-viz

Live visualization for GEPA prompt-optimization runs. Renders the candidate tree as a force-directed graph so you can watch prompts evolve over a pareto frontier in real time. Big nodes are candidates ...
InfoWorld

Taming the generative AI back end

Writing code that interacts with LLM services requires bridging two different worlds. Use these tips and techniques to bind ...