InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

New Shai-Hulud malware wave compromises 600 npm packages

Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a ...

Four AI supply-chain attacks in 50 days exposed the release pipeline red teams aren't covering

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...

AntSeed Opens First Peer-to-Peer Rival to OpenRouter

Gibraltar, Gibraltar, May 15th, 2026, ChainwirePayments settle directly in providers' wallets with no platform in the ...

The First AI-Crafted Zero-Day Was Easy to Spot. The Next One May Not Be

Google reported the first confirmed AI-assisted zero-day exploit, raising new concerns about logic flaws, supply chain risk, ...
The Hacker NewsOpinion

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Cryptopolitan

Mistral AI and TanStack hit in supply chain attack with SLSA-attested malware

Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, ...
CSO Online

Mistral AI SDK, TanStack Router hit in npm software supply chain attack

Hundreds of software packages are affected, once again threatening enterprise credentials on coders’ machines.
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
The Hacker News

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Weekly cybersecurity recap covering zero-days, malware, phishing, supply chain attacks, cloud threats, AI security risks, and ...

OrcaRouter Launches the Open LLM API Router -- Zero Markup, MIT-Licensed, 100+ Models

Today, Continuum AI released OrcaRouter and OrcaRouter Lite — a unified inference layer that routes across 200+ frontier and open-source language models, with zero markup on BYOK traffic.