The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Dark Reading

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...
SecurityWeek

SAP NPM Packages Targeted in Supply Chain Attack

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...
Opinion
Foreign AffairsOpinion

The New Resource Curse

This episode joins a long list of embargoes, oil-price shocks, nationalization waves, and resource wars that have made petroleum the textbook case of commodity-driven instability. Yet the kinds of ...
Foreign Affairs

What Drove Down America’s Fentanyl Deaths?

Among U.S. President Donald Trump’s first actions after returning to office in January 2025 was imposing new tariffs on Canada, China, and Mexico, which he accused of sending fentanyl to the United ...
The Caledonian-Record

Agentic AI and compliance: How autonomous agents are redrawing software risk boundaries

Anrok reports that agentic AI is transforming compliance in fintech by autonomously executing workflows, reducing human ...