The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Sigma Computing seals $80M funding round as it pivots toward ‘agentic analytics’

Cloud-native data analytics startup Sigma Computing Inc. has closed on an $80 million Series E funding round that doubles its ...
Ecommerce Fastlane

SaaS Development Costs in 2026: Real Budgets, Timelines & Honest Answers — Phenomenon Studio

Phenomenon Studio reveals what SaaS, ERP, and digital product development actually costs in 2026. Real project budgets, ...
CIO

SAP’s new API policy restricts AI access, draws customer criticism

Limiting API usage to “SAP-endorsed architectures, data services, or service-specific pathways,” SAP has encountered pushback from the DSAG user group over the scope and implications of the updated ...
InfoWorld

Anthropic acquires Stainless to strengthen Claude’s developer tooling

The deal gives Anthropic tighter control over how developers connect Claude to software and business systems as AI vendors ...
CIO

SAP’s AI promises last year? Most are still rolling out

Joule Studio adoption has been “minimal,” SAP admits — but in version 2.0 it aims to fix what held customers back.
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...
The Next Web

Sigma Computing doubles valuation to $3 billion in Series E as agentic analytics race heats up

The San Francisco analytics company hit $200 million ARR in April, doubling year over year. Sigma Agents, its no-code AI product, became the fastest-adopted feature in the company's history.

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...