The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.

Page 2: OpenTelemetry for MemoryCache

The fourth preview brings new methods to existing classes in the .NET base class library and a new configuration file for ...

Income tax return AY 206-267: Excel utility, online filing for ITR-1, and ITR-4 now ...

The Income Tax Department has launched Excel utilities and online filing for ITR-1 and ITR-4 for the Assessment Year 2026-27.
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

Malicious npm packages: SAP software compromised

Several SAP npm packages were exposed to a supply chain attack. The hacker group TeamPCP is behind it, say security researchers.