Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...
InfoWorld

Four cutting-edge tools for spec-driven development

Kiro, Spec Kit, Tessl, and Zenflow offer a more systematic and structured approach to developing with AI agents than vibe ...
SecurityWeek

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code

The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards. The infamous TeamPCP hacking group that besieged the open source software ecosystem ...