Npm Visual Studio Code

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

CSOonline

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Trending now