Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
The Caledonian-Record

TestMu AI Introduces SmartUI Build Data Export for Visual Testing Workflows

TestMu AI Introduces SmartUI Build Data Export for Visual Testing Workflows The new capability enables teams to export SmartUI build data in PDF, CSV, and JSON formats for reporting, collaboration, ...
PV Tech

Beyond modules: why US solar’s future depends on upstream manufacturing scale-up

As solar imports to the US face increasing restrictions, domestic manufacturers are racing to build upstream production ...
InfoQ

ExtendDB: Open Source Amazon DynamoDB Compatible Adapter with Pluggable Storage Backends

AWS recently announced ExtendDB, a DynamoDB-compatible adapter that lets developers use the DynamoDB API with different ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...