Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
InfoWorld

Attack targeting OpenAI Codex users exposes AI software supply chain risks

The incident highlights how attackers can hide malicious code in software packages that differ from the source code available ...
SecurityWeek

Supply Chain Attack Hits 32 Red Hat NPM Packages

Hackers published 96 malicious package versions, injected with a credential-stealing worm similar to Mini Shai-Hulud. On Monday, hackers hit Red Hat’s NPM repository in a new supply chain attack, ...

Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged

Anthropic, OpenAI, Google, and Meta published prompt injection disclosures in 2026 — but no two measure the same thing. What ...

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...