Contact Information
Theodore Lowe, Ap #867-859
Sit Rd, Azusa New York
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
Ravie LakshmananMay 12, 2026Supply Chain Attack / Software Security RubyGemsthe standard package manager for the Ruby programming language, has temporarily paused account sign ups following
Hugging Face Packages Weaponized With a Single File Tweak
Hugging Facean open source store for AI models and components, is open to an attack via the “tokenizer” layer that AI models use to make
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
TeamPCPthe threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath,
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Ravie LakshmananMay 07, 2026Malware / Threat Intelligence Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily
TeamPCP Hits SAP Packages With ‘Mini Shai-Hulud’ Attack
TeamPCP‘s extensive supply chain campaign continued this week, as the cybercriminal group compromised several SAP npm packages in a “Mini Shai Hulud” attack. The compromised
Voluntary severance packages: a good way to get rid of the old and the weak?
On cost, Samfiru is blunt about why a buyout program is cheaper than a mass terminationparticularly at companies like Rogers where long-tenured employees would otherwise
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
Ravie LakshmananApr 29, 2026Supply Chain Attack / Malware Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen
