New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...
CoinDesk

Bitget exchange brings pre-IPO tokens to masses starting with SpaceX on Solana

The crypto exchange opens IPO Prime access with Republic to offer Solana-based tokens tied to private firms ahead of public ...
Homeland Security Today

Supply Chain Compromise Impacts Axios Node Package Manager , CISA Alert Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...
The Caledonian-Record

Correcting and Replacing: Huawei Cloud Introduces Token Service in Asia Pacific

JAKARTA, INDONESIA - Media OutReach Newswire - 21 April 2026 - Huawei Cloud AI Boost Day, themed "Agentic AI Practice", was ...
DataBreachToday

Vercel Traces Customer Data Theft to Agentic AI Tool Breach

Cloud platform provider Vercel said an attacker breached its systems and stole customer data after compromising a third-party ...
The Hacker News

⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.

Why Canada needs a digital dollar

If the current pattern continues, Canada risks building a digital financial system where the only common language is American ...

Aikido Security Launches Endpoint Protection for Developer Devices as Software Supply Chain Attacks Hit Unprecedented Scale

GHENT, Belgium, April 20, 2026 (GLOBE NEWSWIRE) -- Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software supply chain attacks by ...

Vercel confirms breach as hackers claim to be selling stolen data

Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems ...
中国日报网

Daily token surge heralds rapid commercialization of China's AI

China's rapid push to build high-quality data sets is accelerating the commercialization of artificial intelligence, with daily token usage surging more than 1,000-fold in two years, a senior official ...

‘Tokenmaxxing’ is making developers less productive than they think

GitClear, another company in this space, published a report in January that found AI tools increased productivity, but also ...