InfoWorld

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

OpenAI to Apple macOS users: Update ChatGPT, Codex and its other apps before May 8 or lose access

OpenAI is mandating macOS users update ChatGPT Desktop and other apps by May 8, 2026, due to a compromised JavaScript library ...
XDA Developers on MSN

Your Chrome new tab page is a vibe coding project waiting to happen

The least exciting page in your browser is also the easiest one to vibe-code.
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
Nigerian CommunicationWeek

Firm Reveals a 37% Increase in Malicious Packages Compromising Software Supply Chains

Kindly share this postAccording to Kaspersky telemetry, almost 19,500 malicious packages were found in open-source projects ...
Polity.org.za

Daily Podcast – April 29, 2026

South Africa law firms ask court to quash industry equity code Shortlists of nuclear regulator board candidates released by ...