Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI vendor questionnaires are missing.

Laravel Lang packages hijacked to deploy credential-stealing malware

A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated ...

Malicious npm packages: SAP software compromised

Several SAP npm packages were exposed to a supply chain attack. The hacker group TeamPCP is behind it, say security researchers.
Hosted on MSN

Austin IRS employees exposed to 'unknown substance' from packages: APD

Employees at an Austin IRS building were exposed to an ‘unknown substance’ when a package was opened Another package was found by police and opened in a controlled environment The unknown substance ...