Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Live Bitcoin News

The npm Package That Wipes Your Files When You Try to Stop It

An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a ...

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...
Cryptopolitan on MSN

Mistral AI and TanStack hit in supply chain attack with SLSA-attested malware

Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, cloud credentials, and password vaults across ...
Blockonomi

ERC-4626: The Vault Standard Reshaping DeFi Capital Allocation

ERC-4626 created a universal vault interface for DeFi, enabling composability, reducing integration costs, and reshaping ...
CoinTelegraph

THORChain confirms $10M exploit, rolls out recovery portal for affected users

THORChain has launched a recovery portal following a $10 million exploit, allowing affected users across four chains to revoke malicious approvals and claim refunds. THORChain has confirmed a $10 ...
CoinDesk

Trump-Linked WLFI Partners With Vaulta After $6 Million Token Buy

WLFI $0.05982, the decentralized finance platform with ties to the Trump family, has partnered with Web3 banking infrastructure provider Vaulta to push forward a shared vision for decentralized ...
USA Today

Datavault AI Chief Executive Officer and President Issues Letter to Stockholders Highlighting 2025 Accomplishments and Outlook for 2026

Datavault AI signed $49M of Tokenization and Technology Licensing agreements in Q4’25 that impact FY2025 and FY2026 Revenue. Revenue: Datavault AI expects at least $30 million in revenue for FY2025, ...
The Hacker News

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive ...

BrowserAct Open-Sources Two AI-Agent Skills, Giving Agents the Power to Use the Real Web

Then imagine it replying: "Sorry, the website won't let me in." That's the quiet failure mode behind most AI agents today.
Hosted on MSN

OpenAI, Microsoft, and Anthropic Are Rewriting Work in 2026

As of May 2026, the AI landscape has undergone a fundamental transformation: the focus has shifted from generating text to executing actions. OpenAI's GPT-5.4 has consolidated its reasoning and ...