资讯

The Hacker News2 天

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

Dev snared in crypto phishing net, 18 npm packages compromised

Crims have added backdoors to at least 18 npm packages after developer Josh Junon inadvertently authorized a reset of the two ...
CSO Online2 天

GhostAction campaign steals 3325 secrets in GitHub supply chain attack

Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.
hodlfm6 天

Hackers Use Ethereum Smart Contracts to Conceal Malware in NPM Packages

Malware targeting Ethereum smart contracts is not entirely new. Earlier this year, the North Korean-affiliated Lazarus Group ...
InfoWorld6 天

Chat with data the easy way in R or Python

Why write SQL queries when you can get an LLM to write the code for you? Query NFL data using querychat, a new chatbot ...
InfoWorld6 天

Databot: AI-assisted data analysis in R or Python

Databot is an experimental alternative to querychat that works with R or Python. And it’s now available as an add-on for the ...