New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
Nature

How much for a fake authorship? Ad database reveals secrets of scientific fraud

The collection — the largest of its kind — contains more than 18,700 adverts that were posted between March 2020 and early ...
Science Daily

Top Science News

Apr. 7, 2026 A gene called KLF5 may be a key force behind the spread of pancreatic cancer—but not in the way scientists expected. Rather than mutating DNA, it rewires how genes are turned on and off, ...