SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
PV Tech

MSolar to build US$23.7 million solar glass, cell and module factory in Virginia

MSolar Manufacturing has announced plans to invest US$23.7 million into a new vertically-integrated solar manufacturing ...
The Caledonian-Record

Lotus Microsystems Launches First vStrata™ Module, a Vertical Power Delivery Platform Designed ...

Lotus Microsystems, a developer of advanced vertical power delivery and thermal management solutions, today announced the launch of vStrata™. As modern AI ...
IEEE

A Multilevel-DC-Link Converter With Single-Device Modules in Series for VSC-HVDC Application

Abstract: Voltage-source-converter-based high-voltage dc transmission (VSC-HVdc) is widely applied in the fields such as offshore wind power transmission, and modular multilevel converter (MMC) is a ...
Tech Times

Cloudflare Buys VoidZero: Vite’s 130M Weekly Users Get a New Vendor-Neutrality Pledge

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...
SecurityWeek

OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

Astronauts told to shelter on spacecraft after air leaks are found on ISS

Astronauts aboard the International Space Station (ISS) have been told to shelter as an urgent repair is needed to fix air ...
Tech Xplore

New WebAssembly memory layout could stop Heartbleed-style browser attacks with no visible slowdown

Google Earth, Zoom, Twitch.tv or Photoshop—thanks to the WebAssembly standard, many powerful applications now run directly in ...