New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...
Tech Times

Cloudflare Buys VoidZero: Vite’s 130M Weekly Users Get a New Vendor-Neutrality Pledge

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...
TMCnet

MESCIUS USA, Inc. Introduces Document Solutions for PDF JS for Document Solutions Product Line

MESCIUS USA, Inc., a global provider of award-winning enterprise software development tools, is pleased to announce a new product for the Document Solutions product line: Document Solutions PDF JS.
The Hacker News

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

A large-scale campaign impersonates open-source and freeware project portals to redirect users through a gated TDS and ...
The Caledonian-Record

Xfinity Ranked #1 Nationally in Consistent Quality, Download Speed, and Video Experience in New Opensignal Report

Xfinity has once again been recognized as a broadband leader in Opensignal’s latest U.S. Fixed Broadband Experience Report, ...
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.
The Caledonian-Record

Hiya and DNA Launch Network-Level Call Protection for Consumers and Businesses

DNA Numerovahti, which translates loosely to “number guardian” in Finnish, is available to consumer subscribers through DNA’s new DNA Huoleton Plus tier, where it is bundled alongside safe browsing ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...
The Indiana Gazette

Many babies sickened in ByHeart formula botulism outbreak needed more treatment after hospitalization

Healthbeat reports that a recent ByHeart baby formula botulism outbreak left many hospitalized infants needing ongoing ...