Tech Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
SecurityWeek

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Bleeping Computer

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. The dangerous release is 0.23.3, ...
Wired

You Can Now Install—and Update—Microsoft Store Apps Using the Command Line

I can't stand opening the Microsoft Store. It's slow to load, confusing to browse, and full of ads for things I don't care about. Luckily, thanks to a new feature, I don't have to open the Microsoft ...
ZDNet

This free tool gives you one easy way to install apps on Linux and Mac - here's how

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
Computerworld

Using DISM to install Windows updates

Note that .msu updates only work on offline images, while the more common .cab files may be applied to an online image to update a running Windows install. If an .msu is the only format available for ...
techannouncer

Top Python Coding App for Android: Your Mobile Python IDE Guide

Learning Python on your Android device is totally doable these days. Gone are the days when you needed a full computer setup. Whether you’re just starting out or want to code on the go, there are some ...
The Patriot Ledger

Unexpected package at your door? Officials say it could be a scam

Have you ever received an unexpected package in the mail? It may not be a gift – you could be the victim of a brushing scam, according to the United States Postal Inspection Service. A brushing scam ...