Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...
InfoWorld

What’s new and exciting in JDK 26

Java 26 introduces little that is totally new, but you’ll find many important changes and improvements in Java’s libraries ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
SecurityWeek

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

The PCPJack worm targets cloud environments and vulnerable web applications to remove TeamPCP infections and steal ...
SecurityWeek

1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom

Over 1,800 developers were likely infected in the Mini Shai-Hulud supply chain attack that hit SAP, Lightning, and Intercom ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Security Boulevard

Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...

Developer tidbits for the weekend – smaller news of the week

Small but interesting news bites from the news buffet about Apache Camel, pnpm, npm, Firestore, Python, Ghostty, Arduino App ...
GitHub

KiCad API Python Bindings

kicad-python is the official Python bindings for the KiCad IPC API. This library makes it possible to develop scripts and tools that interact with a running KiCad session. The KiCad IPC API can be ...
GitHub

bug-ops/pyhdb-rs

Requires Python 3.12 or later.
Benzinga.com

Mastering the Earnings API: Earnings Calendars and Surprise Detection with Python

Earnings announcements are one of the few scheduled events that consistently move markets. Prices react not just to the reported numbers, but to how those numbers compare with expectations. A small ...