Bleeping Computer

Red Hat npm packages compromised to steal developer credentials

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source ...
GitHub

Eclipse Paho Java Client

The Paho Java Client is an MQTT client library written in Java for developing applications that run on the JVM or other Java compatible platforms such as Android The Paho Java Client provides two APIs ...
Engadget

NBA The Run hits the streets on June 9

For fans of the style and arcade gameplay of the NBA Street series, developer Play by Play Studios may have a worthy successor in NBA The Run. The game is coming out on June 9 and its development just ...
Bleeping Computer

Trellix source code breach claimed by RansomHouse hackers

The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion. Yesterday, the ...
Windows Central

Windows 11's new Run box is what happens when Microsoft actually cares: Replaces legacy Windows 95-era dialog with something new and better

The new Windows Run box has been officially unveiled, and it's a genuine improvement over the legacy interface with faster launch times and more features. This is what happens when the people working ...