TechJuice

SAP npm Packages Compromised in Mini Shai-Hulud Supply Chain Attack

Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...

Delray Beach beauty platform acquires $31 million fragrance business with national retail reach

Preview this article 1 min A Delray Beach beauty platform is making another acquisition as it builds out its brand portfolio ...
The Caledonian-Record

Genentech to Present Extensive Data Showcasing Its Industry-Leading Ophthalmology Portfolio at ARVO 2026

Genentech, a member of the Roche Group (SIX: RO, ROP; OTCQX: RHHBY), announced today that it will showcase key real-world, product and pipeline data from its ophthalmology portfolio at the Association ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

Appeals court slaps OR attorney with $8K sanction for AI-generated errors

Oregon Court of Appeals sanctions attorney $8,000 for AI-generated fabrications in legal brief, marking first such penalty in ...

We could have won a bit more since 2017 - Sciver-Brunt

Captain Nat Sciver-Brunt says England have underachieved since their memorable World Cup win at Lord's in 2017.
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
Foreign Affairs

What Drove Down America’s Fentanyl Deaths?

Among U.S. President Donald Trump’s first actions after returning to office in January 2025 was imposing new tariffs on Canada, China, and Mexico, which he accused of sending fentanyl to the United ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.