The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public ...

Unofficial script lets you install unreleased Windows 11 features without Microsoft Account0 0

This unofficial script enables users to install and access unreleased Windows 11 features while bypassing the requirement for ...
Cryptopolitan on MSN

IronWorm malware plants rootkit in Arweave ecosystem npm libraries

A malware named IronWorm spread through 36 npm packages in the Arweave ecosystem, stealing developer credentials and self ...
TWCN Tech News

What is the ProgramData folder in Windows 11/10

Windows 11/10 creates a number of system files and folders to support the running of the operating system. The ProgramData folder is one of those important system folders. It contains all the data for ...