Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
GhanaWeb - Ghana HomePage

Popular Open-Source Package Stole User Credentials: What It Means for Ghanaian Developers

A widely used open-source tool stole passwords and API keys from over 1 million users. Here's what Ghanaian developers need ...
Cryptopolitan

Hackers plant 73 sleeper extensions in OpenVSX to steal crypto wallets

GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...

Top open source PyPI package with over 1 million downloads each month hacked to send out malware

This was not a case of stolen credentials, but rather of vulnerability exploitation.