Security Boulevard

Shai-Hulud: The Second Coming

While the September 2025 Shai-Hulud attack focused primarily on credential harvesting and self-propagation, this new variant ...

Shai-Hulud 2: New version of NPM worm also attacks low-code platforms

The attackers have learned from their mistakes and have now developed a more aggressive version of the worm. It has already ...
CSO Online

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
Ars Technica

NPM flooded with malicious packages downloaded more than 86,000 times

Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 credential-stealing packages since August, mostly without detection. The finding, ...
app.com

GoodData Brings AI-Native Data Intelligence to Financial Services

Embeddable, compliant, and auditable AI agents unlock trusted automation for banks, insurers, and financial institutions. SAN FRANCISCO, CA / ACCESS Newswire / October 28, 2025 / GoodData, a leading ...