Space.com

Get stunning views of the moon for less with $108 off this Celestron telescope

This Celestron Astromaster 130EQ is seriously discounted for Prime Day, perfect for moongazing or viewing this month's stunning Orionid meteor shower.
TechRadar

A terrifying, self-replicating malwaere has infected npm packages with over 2 million downloads per week - here's how to stay safe

A new supply-chain attack compromised at least 187 npm packages, targeting developer secrets across software projects Shai-Hulud worm looks to steal credentials, modify packages, and spread malware ...
Infosecurity-magazine.com

Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

A new AI-native penetration testing tool called Villager has reached nearly 11,000 downloads on the Python Package Index (PyPI) just two months after release. The framework, developed by the ...
TechRepublic

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week Your email has been sent An attack targeting the Node.js ecosystem was just identified ...
Techno-Science.net

Download iPhone 17 Wallpapers in 4K [Direct Download Links]

Apple’s iPhone 17 Series brings a new range of 4K wallpapers, from bright and bold to subtle light and dark themes. You can preview and download them individually ...
ZDNet

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A phishing email was at the heart of the attack. NPM team quickly removed backdoored versions. 18 packages hit, with 2B+ downloads every week. A new digital supply chain attack has targeted popular ...
Ars Technica

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to be the world’s biggest supply-chain attack ever. “Sorry everyone, I should ...
CSOonline

Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads

Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep flaws in the open-source trust model. A massive supply chain attack ...
SiliconANGLE

Massive npm hack poisons 18 packages with billions of downloads

Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after attackers injected malware into 18 popular packages that together account for ...
Bleeping Computer

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. In the emails, the ...
CoinDesk

Ledger CTO Warns of NPM Supply-Chain Attack Hitting 1B+ Downloads

Charles Guillemet, chief technology officer at hardware wallet maker Ledger, warned on X on Monday that a large-scale supply chain attack is underway after the compromise of a reputable developer’s ...
Bleeping Computer

NPM package ‘is’ with 2.8M weekly downloads infected devs with malware

The popular NPM package 'is' has been compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices. This occurred after maintainer accounts ...