The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
Tax Guru

GST Introduces IMS Offline Tool to Simplify Bulk Invoice Management

The GST portal launches an Excel-based IMS Offline Tool to help taxpayers efficiently manage and process invoices. It enables ...

Agios plans Q2 sNDA filing for mitapivat in sickle cell disease while citing >$10B 2030 market opportunity

On sickle cell, Q4 framed the pre-sNDA meeting as pending to define pathway, while Q1 updated to a specific action and timing: CEO Goff said Agios “plan [s] to submit an sNDA…in the second quarter ...
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

LinkDaddy LLC Launches AI Verified to Solve SME Knowledge Graph Exclusion

LinkDaddy LLC, the Florida-registered digital infrastructure company founded by Anthony James Peacock, today announced the ...

What the Tech? How to protect and preserve your Facebook information, even if you forget the password

Over half of all internet users say they've had to stop using an online account because they forgot their password.
Security Boulevard

Attacking the MCP Trust Boundary

Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol ...

With WonderCMS, I was able to get my business online in just a few steps

Installing a CMS on your web-based server doesn't have to be difficult. That's where WonderCMS comes in.

DuckDB uses RDBMS to attack classic 'small changes' problem in lakehouses

The team behind in-process OLAP database DuckDB has put forward a solution to the "small changes" problem that they say ...

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...