The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
InfoWorld

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
Security Boulevard

Local Guardrails for Secrets Security in the Age of AI Coding Assistants

Modern developer environments expose sensitive context across files, prompts, logs, and commands. Learn how layered local ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...

The never-ending supply chain attacks worm into SAP npm packages, other dev tools

The wave of supply chain attacks aimed at security and developer tools has washed up more victims, namely SAP and Intercom ...
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...
CSO Online

Bitwarden CLI password manager trojanized in supply chain attack

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may be behind a spate of recent supply chain attacks.

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...