Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...

【年収799万円】PHP案件のフリーランス副業調査|2026年最新

Release No.2761653|フルリモート案件が67%超フリーランス・複業・副業の求人マッチングサービス『SOKUDAN(ソクダン)』を運営する、CAMELORS株式会社(本社:東京都渋谷区、代表取締役社長:田根 ...
The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.