GitHub tightens npm security with mandatory 2FA, access tokens

GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale ...
The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.

Hidden prompt injection: The black hat trick AI outgrew

Invisible prompts once tricked AI like old SEO hacks. Here’s how LLMs filter hidden commands and protect against manipulation ...