CISOs should treat secrets sprawl as a governance challenge. This means enforcing clear ownership, adopting short-lived ...

OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and ...

The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected ...

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...

Can your board answer with confidence what your AI agents can actually access right now? Many can’t. That’s become a ...

On May 11, 2026, a self-replicating worm called Mini Shai-Hulud quietly slipped into 42 widely used TanStack open-source ...

Another massive supply chain attack is spreading. Hundreds of compromised NPM packages are being detected, with hackers using stolen secrets to create over 2,200 public GitHub repositories, all ...

GitHub has confirmed that it is investigating unauthorized access to some of its internal repositories. The company shared ...

The Mini Shai-Hulud worm compromised 323 npm packages through the hijacked “atool” account on May 19, publishing 639 malicious versions. Affected packages include echarts-for-react (1.1M weekly ...

Learn how password managers protect Ghanaian accounts from hackers. Compare tools, 2FA setup, recovery steps for WhatsApp ...

GitHub says a poisoned VS Code extension exposed 3,800 internal repos as Binance founder CZ tells crypto devs to rotate keys.

Microsoft has announced mitigations for CVE-2026-45585, a BitLocker bypass triggered via FsTx in Windows Recovery.